How secure is Dropbox?

« Back to Help Center

At Dropbox, the security of your data is our highest priority. We have a dedicated security team using the best tools and engineering practices available to build and maintain Dropbox, and you can rest assured that we've implemented multiple levels of security to protect and back up your files. You can also take advantage of two-step verification, a login authentication feature which you can enable to add another layer of security to your account.

Other Dropbox users can't see your files in Dropbox unless you deliberately share links to files or share folders. Dropbox employees are prohibited from viewing the content of files you store in your account. Employees may access file metadata (e.g., file names and locations) when they have a legitimate reason, like providing technical support. Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that's the rare exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical, technical, and heuristic security measures to protect user information from unauthorized access.

For our advanced users

  • Dropbox uses modern encryption methods to both transfer and store your data.
  • Secure Sockets Layer (SSL) and AES-256 bit encryption.
  • Dropbox applications and infrastructure are regularly tested for security vulnerabilities and hardened to enhance security and protect against attacks.
  • Two-step verification is available for an extra layer of security at login. You can choose to receive security codes by text message or via any Time-Based One-Time Password (TOTP) apps, such as those listed here.
  • Public files are only viewable by people who have a link to the file(s).

Dropbox is designed with multiple layers of protection, including secure data transfer, encryption, network configuration, and application- and user-level controls that are distributed across a scalable, secure infrastructure.

Access via third-party apps

Some third party apps with Dropbox integration will ask for permission to access your Dropbox. To grant access, you will need to log in to your Dropbox account and explicitly press the Authorize button when prompted. You can visit the My Apps section of your account settings to review the apps you've granted permission to and revoke access at your discretion.

Was this article helpful? Yes No