We worry about your files so you don't have to. Here you can learn more about how we ensure the safety and privacy of your files in Koofr. Amongst other things, all of our servers are located in highly secure data centres inside the European Union. But while all that is true, you can still do a lot to help us ensure your account's safety and security yourself. End users are actually one of the weakest security points in the whole process. Keep on reading and let's try to change that.
What can you do for the security of your Koofr account?
(1) Use a strong password to protect your account
Each year we have more and more online accounts and are sharing more and more of our valuable files with the help of potentially many different devices. Of course, there are many benefits to having access to all of your data anywhere and from any device, but without a strong password, you are open to vulnerabilities.
Using strong passwords is essential, as they are the first line of defence for your data. Use a strong password for your account and do not reuse the same password anywhere. For more tips on how to improve the strength of your passwords and how to remember them easily check out our blog post and our video.
(2) Turn on two-factor authentication (2FA)
Koofr offers 2-Factor Authentication which helps you protect your account with an additional layer of security. What does that mean exactly? With 2FA enabled, the unwelcome visitors will not be able to open your Koofr account, even if they know your username and your password. They'd also need a code generated by an app on your mobile device.
To start using 2FA with Koofr follow a few simple steps. Open your Koofr web app and click on Preferences in the Account Menu. Select 2-Step Verification in the menu on the left.
Pick up your mobile device and download a TOTP (Time-based One-time Password Algorithm) mobile application for your phone. It will turn your phone into a device capable of 2-Step Authentication. While a number of TOTP apps from various vendors is available, Koofr is proven to work with these apps:
When you have your mobile app installed, open it and add your Koofr account - either manually or by scanning the barcode that will appear as soon as you click on the Enable button in your Koofr account 2-Step Verification settings. Scan the code with your mobile app and follow the instructions in the chosen app to turn on 2-Step Verification and ensure the extra safety of your Koofr account.
Read more about 2-Factor Authentication here or check out our video.
Note: Be sure to save your Recovery codes in a safe place, as they can be used to access your Koofr account in the event you lose access to your device and are not able to receive 2-Step Authentication codes from the mobile app. Our support team cannot restore access to accounts with enabled 2-Step Authentication for security reasons. Saving your recovery codes in a safe place will ensure you are never locked out of your Koofr account.
Check out these user questions regarding 2FA on our subreddit:
(3) Remotely log out of your Koofr account
In case that is necessary, you can log out from all your Koofr sessions by changing your Koofr account password. This will log you out of all your web sessions (browsers).
If you also want to log out from the Koofr mobile app or Koofr desktop app, you have to revoke permission for the chosen application in the Koofr web app.
To do that, sign-in to your Koofr account in the browser. By clicking on your Profile picture icon in the upper right-hand side corner, the Account menu opens. Click on Preferences and find Security in the menu on the left. Find Applications and click on the Revoke access button next to the application from which you want to log out of. You will need to confirm this step by clicking Yes when a pop-up window opens.
This way you can also revoke access to Koofr for your old mobile devices.
(4) Create password-protected download and upload links
Open the sharing options in your Koofr account and select either Send link or Receive files. Select the wanted option to create either a download or an upload link.
To ensure the extra safety of your sharing links check the Link is protected checkbox, like in the pictures below.
Note: If you are trying to share potentially malicious file types - like .exe, .zip or similar, the password protection is set automatically. Password protection is mandatory in those cases due to antivirus and browser requirements and cannot be turned off.
Check out our video tutorials for Send link and Receive files sharing options.
Be careful who you share files and folders with, set expiration dates for your links, and be sure to also audit and remove your file and folder shares from time to time in case somebody manages to access the accounts of people you've shared your files with. You can see all of your shares by clicking on Shared in the Main menu of your Koofr account.
Note: To enhance security even further, you can also choose automatic password protection for your download and upload links. To do that, open the Account Menu, click on Preferences and select Security in the menu on the left. Check the checkbox next to Automatically set password when created to automatically protect your links with a password or decide that all files sent and received need mandatory password protection by checking the Mandatory password protection checkbox. You can, of course, also select both.
Check out our answer regarding link sharing here.
(5) Set up client-side encryption with Koofr Vault
We recently launched one of our most heavily requested features: Koofr Vault, an open source client-side encrypted folder for Koofr cloud storage offering an extra layer of security for your most sensitive files. To get started with Koofr Vault, we recommend reading our beginner's guide to Koofr Vault.
Koofr Vault is fully compatible with rclone, a powerful and versatile open source command-line tool that brings transparent, open source client-side encryption which you can use with Koofr. It is the solution we have been recommending until now, and it remains our recommended method for client-side encryption on desktop.
In fact, Koofr Vault and rclone are completely interchangeable, so if you have been using rclone until now, you can set up a Safe Box in your Koofr Vault using your rclone encryption config and access your encrypted files on Koofr with Koofr Vault.
If you are a rclone beginner you can read more about starting with rclone here and continue with setting up client-side encryption with the help of this blog post.
Note: You can also use one of the many other third-party encryption softwares that can connect to Koofr via WebDAV.
Read this to find out more about our long-term plans regarding client-side encryption.
Are you already doing all of this to protect your Koofr account? Check out what else you can do to protect your privacy online and ensure the safety of your files and accounts.
Want to talk to us? Join us on the Koofr subreddit!