[HOWTO] On-The-Fly Encryption and Dropbox

Wednesday, August 7, 2013 @ 9:45 pm

I’ve recently moved most of my files on Dropbox into an encrypted folder, thanks to encfs4win (for my Windows computers) and Encdroid (to access them on my phone). Here is a guide I’ve put together with how to do the same with some best practices.


Below is a screenshot of one of my actual Dropbox folders, encrypted vs decrypted:

encfs4win and Dropbox

Benefits:

  • on-the-fly encryption of your files (e.g. drag and drop to automatically encrypt them)
  • complete encryption – filenames and file contents are both encrypted
  • cross-platform (Encdroid for Android, encfs4win for Windows, encfs for Linux, etc)
  • fast decryption times (if Paranoia Mode is enabled, it’s normal on encfs(4win) but slower on Encdroid)

Drawbacks:

  • less convenience – having to decrypt the files before being able to access them

Requirements:

  1. A cloud-based service already set-up (e.g. Dropbox, SugarSync, etc). This guide will focus on Dropbox.
  2. encfs4win (http://members.ferrara.linux.it/freddy77/encfs.html)
  3. Dokan version 0.6 (has to be version 0.6: http://dokan-dev.net/en/download/)

Steps:

  1. Install Dokan – pretty straight-forward, there are no settings you will have to change.
  2. Download encfs4win and extract the 5 files anywhere on your computer (e.g. your C:\ drive)
  3. Double-click on encfsw.exe
  4. A key icon will appear in your system tray

    8-7-2013 8-45-03 PM

  5. Left-click on it to show the menu

    8-7-2013 8-45-21 PM

  6. Click on Preferences

    8-7-2013 8-45-27 PM

  7. I would recommend ticking “Launch at startup” so that encfs4win starts automatically when you startup your machine
  8. Click OK, then click on the key icon again (in step #4), and then click on “Open/Create
  9. Navigate to your Dropbox folder, click on it
  10. Click on “Make New Folder” and type in a name for your encrypted folder

    8-7-2013 8-46-29 PM

  11. Click OK, and then you will see the below screen:

    8-7-2013 8-47-31 PM

  12. Select a drive that will be created when you “mount” your encrypted folder where you can drag-drop files into
  13. Tick “Set paranoia mode (more secure)“. If you use Encdroid (an Android app to access encrypted folders), I find having this ticked drastically increases the decryption time, so tick at your own caution. If you only use encfs4win, I find that ticking this option has little impact on the decryption time.
  14. Type in a secure password. By secure, I mean something like $3cu|2ep4ssw0rd (something at least 16 characters, with a mix of alphanumeric + symbols)
  15. Click “OK
  16. A password prompt will appear, type in the password you set in step #14
  17. A Windows Explorer window will open with a blank folder
  18. You can start to cut + paste Dropbox files into this folder to secure them
  19. To mount/decrypt your encrypted folder, click on the key icon (in step #4), and click on “Mount _____ (x)”
  20. When you mount/decrypt your encrypted folder, the drive letter you selected in step #12 will appear in your “My Computer” or Windows Explorer listing with a “DOKAN” name (in this example, my Y drive):

    8-7-2013 8-50-26 PM

  21. Below is an example of me creating a “Hello.txt” file in the Y:\ drive, and below is how it appears in Dropbox as an encrypted file

    8-7-2013 8-49-26 PM