Cloud services such as Dropbox and Google Drive permit users to backup their data and synchronize it across different devices (such as laptops, desktops, mobile phones, etc) using cloud storage technology that resides on servers controlled by those entities. While a great solution for many users, others are apprehensive or skeptical to entrust their private data to third parties. Fortunately, you can encrypt Dropbox data before it leaves your computer. This lets you enjoy the convenience of cloud storage while maintaining the security and complete privacy of your data.
There are several different third-party encryption utilities that you can use to accomplish the same thing, but of those I have tested Cryptomator is the best and easiest to work with. Cryptomator is an open-source project which means that it’s source code is open to review and that makes it easy for users to know that it doesn’t have back-doors or exploits built into it. Cryptomator encrypts files on your computer before sending them to the cloud. This gives Dropbox and Google zero knowledge of what is in your files. Only encrypted data ever reaches the cloud servers. In other words, this means they have no way of knowing what your files contain. In the event that your cloud provider’s security is compromised or your login credentials stolen, no one will be able to access your encrypted data without the encryption key you used to secure them.
Here is how you can do so in a few simple steps without the need to purchase anything.
Step 1: Download & install Dropbox (or Google Drive)
- Create your cloud account at the service of your choice (Dropbox, Google Drive, Microsoft OneDrive, Box, etc)
- Download and install their cloud storage software on your computer (if you do not already have it installed)
- Create some test files or folders and make yourself familiar with the directory structure and how to save files
Step 2: Download and install Cryptomator
- Visit Cryptomator.org and download the Windows software installation package
- Make a donation if you want to, or set donation to “0” and continue to the download
- Install the software using default options, and let it open after installation is complete
Step 3: Create an Encrypted Vault in Cryptomator
- Launch Cryptomator (if it is not already open)
- Click the PLUS (+) sign and choose “Create New Vault”
- In the explorer, navigate to the root Dropbox folder (or other cloud folder)
- Type a name for your encrypted vault, and click “save”
- Enter a password twice (write down or print the password and keep it very safe) and choose “create vault”
- Your vault is now created and ready to use
Step 4: Use your Encrypted Vault
- With Cryptomator open, select your vault from the list and enter the password, then click “Unlock Vault”
- Cryptomator will now mount your encrypted folder and you can use it as you would any other folder
- This will encrypt files saved in the encrypted vault (folder) before uploading them to the cloud
- To encrypt files that are already in your Dropbox, move them from a regular folder to the encrypted vault
- When you finish working on the files, you need to choose “Lock Vault” to close your encrypted session
- In my example (below), I moved files I wanted encrypted from my regular “Payroll” folder to my Vault
The above image shows the regular, unencrypted folder as it appeared in the local Dropbox folder. After moving the files to the encrypted vault we created, you can see how even the filenames are encrypted (image below).
Bringing it all together
If you followed the steps in this guide correctly, you now have an encrypted folder full of files stored in the cloud. These files can only be accessed by you, even if your Dropbox or cloud account is compromised. You can now have peace of mind while enjoying the benefits of using your cloud account to backup or collaboration. If you look at your encrypted vault folder on Dropbox’s web portal, you’ll see that the files are completely encrypted and reveal nothing (other than file size) about what the files contain. This is ideal for anyone who wants secure and encrypted cloud storage.
Accordingly, I can’t stress enough how important it is to have a secure backup of your password or encryption key. You should keep this printed out in a secure or locked place in case you are forgetful. The files cannot be decrypted without it, except through costly and time-consuming strategies which are beyond reach for most users.
Advanced Options
Cryptomator has several advanced options that you can configure if you want to take advantage of them. Since I find it most useful to use an incredibly complicated password that would be impossible to type each time, I use the option to “save password” and “auto-unlock on start” and then or a 40 or 50 character complex password which I store in a password manager and then save on each of my computers. This affords optimal encryption for data on stored on the cloud but keeps it easy to use on each of my computers. You should not use these options on a public computer or one that you share with another person because it would defeat the purpose of encryption if you set it to automatically unlock in those cases.
There you have it. Free, encrypted cloud storage. If you found this article useful, please share it or tell your friends! Everyone is safer when we all practice good security.
Please let me know below if you have any questions or comments about the implementation, and if this helped you or made your life easier, please consider sending some crypto my way or make a donation to a meaningful nonprofit organization.
bitcoin:16AZjxCHHmxfyTny1rNXcPSduaYWEvhQds
ethereum:0xe7f84CC9DAB3bB90Df5EFE55F93585b3d0f2D57A