More secure file sharing for OneDrive Personal
Today a shared folder or document ist just protected by the link to it. If someone captures the email containing the link, then he has access to all the shared files.
To share more confidential files I would like to share with a specific microsoft account. Then the files are at least as secure as the microsoft account of the person i shared the files with.
Why to pay for office 365 home for 5 family members when I can't share the 1 TB of OneDrive space securely with them?
More secure file sharing is now available in OneDrive for consumers! You can use the share dialog to select a link that will only work for the people you specify!
When I share, "Anyone with a link can edit" is selected by default. Massive security issue.
Leads to unnecessary exploits such as the one described here: https://www.forbes.com/sites/daveywinder/2020/04/15/windows-onedrive-security-vulnerability-confirmed-all-you-need-to-know/
Actually there is that option already, but for whatever reason it isn't accessible from WEB interface. On UWP windows app, android app it is called "require sign-in to access"
Show an icon on the top level folder (and down the tree) when it contains shared sub folder or files. This will make it easier to keep track of what is shared.
Allow the user to put a lock on a folder to prevent accidental sharing of the folder and any sub folders or files. It is too easy to accidentally share the wrong folder which may contain sensitive data.
When will be available share with specific people on O365 for family like in O365 for companies?
I like OneDrive, but otherwise I think about switching to different service. Make no sense to today's world and all security risks to use just links with password. It is really silly solution.
As there is a workaround to acomplish sharing with specified MS account/s only I don't know what is the big deal that MS is not able to deploy such feature?!
And the workaround are:
Scenario 1 - with sharing link only
create shareable link to a file or a folder > you may add password protect if you have got paid O365 subscription > paste the link to new email or just share it by a communicator of your choice >
recipient opens the link at his browser > clicks "Add to my Shared list" > login with his/her account if not yet logged in > confirm the account he/she want to use to access the object > now the object should be listed in "Shared" section just under sender's name
Afterwards the sender may review sharing permission of the object and will see the sharing link and named MS account of the recipient. Now the sharing link have to be removed. Named account should stay at the list.
That way sharing link is no longer valid but the recipient still has got access to the shared object.
Scenario 2 - share by email
The procedure is nearly the same as the previous one so I'm not going provide here all the details but wrap up just important things.
If you need to share the link by email you have to use any recipient's MS account alias but primary one (recipient have to create it priorly). This is because in such case sender will see at the list of people who have got access email entry instead of link. (Link sent to <recipient@email>). One the recipient adds the object to the shared list new entry is created at the object's permission list for primary alias of the recipient's MS account.
If needed or requested I may provide you more details with sceeenshots.
The only thing I don't understand is if I'm able to do so manually what's the deal with deploying such workflow automatically with small adjustments to salt the link with recipient's MS account ID for protecting the link against using it by undesirables. Detecting if the recipient email is valid MS account alias is no big deal. It's being used in other MS services.
If the object would going to be shared with more MS accounts algoritms just should just create individudal link for each recipient.
BTW - OneDrive Business has been implemented such feature.
I would like to audit who acccessed which file at which time in my family's O365 OneDrive.
Michael Robert Dolgon commented
I keep getting regular e-mail updates to new comment activity on this thread, as I was the original submitter. Surprised (sarcasm) to see two years later that nothing has been done about it. How pathetic. I'm cancelling all my Microsoft Services now.
Afzal Ballim commented
Passwords are not the best way to protect content. I have no problem with a feature that is only available to other onedrive users - who therefore have live accounts. In particular for everyone in a family (Office 365 Home).
Much appreciated. As an additional option for sharing files, it is most welcome.
I'd like to support the original idea with shared folders or documents to a specific other Microsoft account. As stated in other comments, this is a feature available in all other cloud services (e.g. Dropbox. Google drive, OneDrive for Business) and also currently preventing me from completely switching from Dropbox to OneDrive. Please rethink!
Pedro DD commented
Admin Eugene Lin, ridiculous answer. Shame on you. This is a BASIC and IMPORTANT feature. All cloud services have it.
Miguel Gama commented
Official response is actually a workaround. Feature should be implemented as requested. Ideally the family should have some shared common space.
I'd have to agree with most of the commentary here; file sharing between accounts is a pretty typical offering for most cloud storage platforms - for example, my wife and I share individual folders (like gift lists) in Google Drive (not sure if it's because I'm premium or just standard), and I also share certain folders with myself for access on accounts that have gotten setup in the past for my work (to limit what can be accessed or monitored on business computers, say if I want to have my resumes available, I'm not having to port this data around, I can just work on a single entity).
Best I can tell, I can't migrate to the Microsoft offering because this adds complexity rather than facilitates ease-of-use, which is essential for many in my family.
It's (obviously) impractical to expect users to keep and organize "links" to folders they want to access, especially when there are multiple shared folders to access, especially if I want to take a copy, revise it, and then later re-introduce it into its origin point.
There are often times I'd also benefit from having access to tools from my OneDrive account, but I also can't access these from my OneDrive for Business account (which does have the described functionality).
I don't think anyone is saying anything that isn't well known, but these basic features probably shouldn't be one of those features you put behind the red velvet cardon, which I suspect is the real reason it isn't integrated.
If the fear is users daisy-chaining a bunch of free accounts together to maximize space (which I would suggest can be done anyways in other ways), MS could at least make this a feature that sits behind the paid subscription (or a dozen other ways).
The business argument would then be modelling it as it currently is disincentivizes paying customers in favor of seeking a (potentially free) work-around (or worse, a competitor).
I'd also venture that the password-protected link sharing is really a solution to a different problem - sharing documents with users who sit outside the Microsoft ecosystem; if you look at it like this, it's clear a step is obviously missing, which raises the real question of why is it missing (and there's obviously a reason).
Link Expiration and Link Password are great additions, but are no substitute for named account permissions. We need to be able to ensure that only specific people have access to certain files or folders, so we need account permissions in addition to link sharing. We also need to be able to either navigate the Shared folders and files and check permissions or list users with access to these folders and files.
I am not sure why this feature was removed from OneDrive. There are several ways you can add this again and still keep the sharing process simple for users that do not want to bother with advanced sharing, or require people to have a Microsoft Account. You can even put an option in Settings to allow users to enable or disable this Secure/Advanced sharing feature for their OneDrive account.
This is a must and severely limits the usability of OneDrive sharing for a lot of security concerned customers. Especially OneDrive Premium paying customers who wish to make OneDrive their single or primary cloud storage service. I know a lot of Microsoft customers turn to other cloud storage services for secure sharing, but wish they cloud use OneDrive for that as they already pay for Office.
Please give more attention to this matter. We would love to have a more similar and consistent experience across the consumer and business products and have the same sharing features we have on OneDrive for Business . Or, at least the ones that can be implemented without the required supporting infrastructure.
I have nothing against 'password-protected sharing links' for occasional sharing of unimportant things. However, when sharing with another Microsoft account, one can use 2nd factor auth, the recipient can change its MS account pw and so on. It is imho an essential thing to have for cloud storage. You should stop 'thinking about it' and bring back what once already worked!
The current INSECURE public links are unacceptable. These can be forwarded, posted, sniffed etc.
We are paying customers and expect the option of secure sharing with family or friends. Links should be checked against MSA logins if a sharer wants to share securely.
Business OneDrive does have a weird 'secure' sharing to non-AD users emailing links and then PINs. I still don't consider that particularly secure but it is way better than emailing public links.
This is security 101 stuff. A customer says to share with a person, they expect only that person to be able to access the shared data.
I like this idea. I just mis-fired a link to a wrong email address. I hoped that by changing the name of the file/folder that the path would be changed and protect the information that went to the unintended location. Then, all I would have had to do was re-send the link to the corrected address list, but the path still led to the same place. Also, the "permissions" to allow only viewing, not editing seems not to work. I was able to access and to edit the content name on my wife's device which did not just edit it on her device, but also in OneDrive. Seems that some improvements are needed...so far the cloud seems to have editing and security of the vintage 1980s or 1990s.
FYI I've updated the title to reflect that this request is scoped to OneDrive Personal.
Note that OneDrive for Business already supports secure sharing both inside and outside of an Office 365 organization.
Nicalaus West commented
Google Drive does this so easily that I was seriously surprised that Microsoft's OneDrive didn't do it too.