There are various ways available to send files securely online, especially when you want to make sure that only selected friends, family, or work colleagues can access those files. Though there are tools you can use directly to protect files and folders, that's not always practical with online access.
There are various additional solutions, not least by using plugins to existing programs you might use to ensure that file sharing is secure. Alternatively, there are dedicated file sharing apps and software available that can ensure only the people you want to see a file can do so, or alternatively, make the file temporary so that it won't remain online long enough for other people to see.
There are various options available to you, and whichever one you pick just ensure that you do have all settings correctly configured so that your files or folders remain private.
In the meantime, here we list the ten best ways in which you can share files securely.
- We’ve picked out the best cloud storage providers of 2019
A cloud storage solution is one convenient way to share your files online, and our pick of the bunch is pCloud. There doesn’t appear to be any limit to the size of files you can upload to pCloud, so that makes it ideal not just for syncing files, but syncing large ones – and sharing them with whoever you want.
In terms of security, you need to pick up the pCloud Crypto feature which costs $4.99 per month and provides client-side encryption to password protect files as they speed across the net.
Another strength here is the wide range of supported devices, including Windows, macOS, Linux, iOS and Android hardware, plus there’s a web platform to boot. With pCloud, you get 10GB of free storage to kick-off, plus more can be obtained via referrals (up to 20GB), and naturally there are premium subscription plans on offer (including a lifetime option).
2. Password protection
Many applications such as the cross-platform word processor LibreOffice Writer contain an option to password protect documents. Usually you’ll be asked to type in the password twice to make sure it’s entered correctly. Note it down carefully.
The specific steps you need to follow plus the strength of the encryption used will vary depending on the piece of software in question. Check with the developer (look for the support section of the website) if you need help with anything. Ideally documents should be protected with at least 128-bit AES encryption.
You will of course need a way to send the password to the recipient securely after sending the file.
PGP and GPG are two programs which make use of public key cryptography to send files securely.
They get around the problem of having to send someone the password of a file you’ve encrypted by using a ‘public key’ to encrypt documents and a ‘private key’ to decrypt them. Your private key never leaves your computer but anyone can use your public key to send you files.
Setting this up can be tricky for less tech-savvy types. The easiest way is probably to install the cross-platform email client Mozilla Thunderbird, then use the free add-on Enigmail which has a handy step-by-step wizard.
Messages are encrypted before leaving your machine, so you can safely send files to your correspondent. You can also use security codes to make sure no one is sitting between you and them, intercepting your messages (known as a ‘man-in-the-middle’ attack).
OTR messaging is available as a plug-in for Pidgin, as mentioned, but is also built into other messenger clients such as Signal for Android and iOS.
5. One-Time Pad
To use a One-Time Pad, first you must create a list of random numbers by rolling dice or using a computer. Your correspondent does the same, then you both meet and give each other a copy of the pads.
When you want to send your correspondent a file, you can then combine the random data in the pad with it, and send. The recipient can then use their copy of your pad to take away the random data to reveal the file.
This is tricky to get right, but theoretically it’s perfectly secure. There are a few programs as listed here, such as the Paranoia plug-in for the Pidgin messaging app, which can automate the process for you.
See our guide on using a One-Time Pad on the Raspberry Pi here.
LastPass is an excellent service which stores all of your usernames and passwords in one place. One of its niftiest features is that you can choose to share a login – say, for Google Photos – via email.
Part of the beauty of LastPass is that if you choose you can allow your correspondent to log in and access files without them seeing the password. Your connection is also protected by SSL so there’s very little chance anyone could connect to your data in the same way. In short, this is one of the most respected password managers out there, and with good reason.
Snapchat users will be aware that photos sent over the app theoretically self-destruct after a certain length of time. The recipient can take a screenshot of important information, however, and you’ll receive a notification that this has been done.
Snapchat updated its terms and conditions in 2014 to say that the firm may store copies of images you send. Ideally, you should use this app in combination with another of the methods listed here – for instance, you could encrypt a spreadsheet and send via email, then transmit the password separately via Snapchat. Splitting the file and the key in this way means only your correspondent will be able to view the data.
8. Resilio Sync
Resilio Sync (formerly BitTorrent Sync) synchronises files using the BitTorrent protocol. The advantage of this is that instead of having to share files via a cloud service like Dropbox, files can be synced directly between two devices.
Provided both your device and your correspondent’s are online, files can be shared in real-time and the connection is secured by 128-bit AES. BitTorrent is particularly good for sharing large files and folders as it was originally designed for that purpose. More devices can be added to share files with others if you wish.
The app is available for Windows, macOS, Linux, Android and iOS. The client is not open source so there’s no easy way for security experts to check the code used for any vulnerabilities.
SSH (Secure Shell) is a network protocol which establishes an encrypted tunnel allowing people to log in to a computer remotely. It can be used to upload and download files as well as run commands on the target computer.
If you have a server, you can give your correspondent their own username to log in and access files you’ve uploaded. Alternatively you could create an account for them on your own machine so they can connect to you.
Mac and Linux users will be pleased to hear they can use SSH directly from the Terminal app. Windows users can download the free program Putty to do the same.
Continuing the trend of obscure acronyms, SFTP (Secure File Transfer Protocol) is an extension of the SSH protocol used specifically for transferring files. In order to make use of it, you need to have access to a server, for instance by renting one from a provider like Hosted FTP.
You’ll be supplied with a username and password that you can use to connect and upload/download files. Most operating systems integrate FTP into the file explorer so you can move, edit and copy files onto the server just as you would with an ordinary folder. Although the connection is encrypted, documents stored on the server aren’t, so consider protecting them with a password before uploading.
- We also show you the best ways to share big files