To give a mid level of security, you might consider using the public directory, but adding 8 random characters to the directory name of each share.
Dropbox does not let users see the directory contents, but lets anyone access if they know the full file URL.
If I was to regularly start sharing, I would do something like:
DropBox_Dir/Public/Shared with Company A/2011-11-30-2tVhh2E8/file.zip
which equals download URL http://dl.dropbox.com/u/7099970/Shared%20with%20Company%2A/2011-11-30-2tVhh2E8/file.zip
DropBox_Dir/Public/Shared with Company B/2011-11-30-RrH8HZ5k/file.zip
DropBox_Dir/Public/Shared with Company A/2011-12-01-F7XyvwXj/file.zip
DropBox_Dir/Public/Shared with Company B/2011-12-02-Jh5Ts2GE/file.zip
These would get shortened via dropbox's URL shortener to
http://db.tt/ABCDEFGH , but the expansion would be seen afterward.
A regular pattern would be easy to predict.
Adding a string acts as a password. The password generator I use is built into the LastPass web browsing plugin, but many are available.
The more hassle option is to have all users join dropbox, and then the sharer selects who to share files / folders with. For my sharing applications, that was not an option.
Here is my Drop box referral code if you ever want to use it: http://db.tt/c9XSDu3r.
Enjoy.
Originally posted 11/30/2011 5:12 PM EST.
Updated 2/4/2013 to fix 2 typos. Also adding note below:
Note creating a db.tt short link decreases security. It provides a less secure way to access it, although it would be only be discoverable by pure random checking of many short links, not limited to any particular user.
1 comment:
Now that DropBox offers sharing of files and directories outside of the old Public directory, this strategy no longer makes sense.
The DropBox share link method does the same type of thing, much more easily and effectively.
Post a Comment