More secure file sharing for OneDrive Personal
Today a shared folder or document ist just protected by the link to it. If someone captures the email containing the link, then he has access to all the shared files.
To share more confidential files I would like to share with a specific microsoft account. Then the files are at least as secure as the microsoft account of the person i shared the files with.
Why to pay for office 365 home for 5 family members when I can't share the 1 TB of OneDrive space securely with them?
Michael Robert Dolgon commented
I keep getting regular e-mail updates to new comment activity on this thread, as I was the original submitter. Surprised (sarcasm) to see two years later that nothing has been done about it. How pathetic. I'm cancelling all my Microsoft Services now.
Afzal Ballim commented
Passwords are not the best way to protect content. I have no problem with a feature that is only available to other onedrive users - who therefore have live accounts. In particular for everyone in a family (Office 365 Home).
Much appreciated. As an additional option for sharing files, it is most welcome.
I'd like to support the original idea with shared folders or documents to a specific other Microsoft account. As stated in other comments, this is a feature available in all other cloud services (e.g. Dropbox. Google drive, OneDrive for Business) and also currently preventing me from completely switching from Dropbox to OneDrive. Please rethink!
Pedro DD commented
Admin Eugene Lin, ridiculous answer. Shame on you. This is a BASIC and IMPORTANT feature. All cloud services have it.
Miguel Gama commented
Official response is actually a workaround. Feature should be implemented as requested. Ideally the family should have some shared common space.
I'd have to agree with most of the commentary here; file sharing between accounts is a pretty typical offering for most cloud storage platforms - for example, my wife and I share individual folders (like gift lists) in Google Drive (not sure if it's because I'm premium or just standard), and I also share certain folders with myself for access on accounts that have gotten setup in the past for my work (to limit what can be accessed or monitored on business computers, say if I want to have my resumes available, I'm not having to port this data around, I can just work on a single entity).
Best I can tell, I can't migrate to the Microsoft offering because this adds complexity rather than facilitates ease-of-use, which is essential for many in my family.
It's (obviously) impractical to expect users to keep and organize "links" to folders they want to access, especially when there are multiple shared folders to access, especially if I want to take a copy, revise it, and then later re-introduce it into its origin point.
There are often times I'd also benefit from having access to tools from my OneDrive account, but I also can't access these from my OneDrive for Business account (which does have the described functionality).
I don't think anyone is saying anything that isn't well known, but these basic features probably shouldn't be one of those features you put behind the red velvet cardon, which I suspect is the real reason it isn't integrated.
If the fear is users daisy-chaining a bunch of free accounts together to maximize space (which I would suggest can be done anyways in other ways), MS could at least make this a feature that sits behind the paid subscription (or a dozen other ways).
The business argument would then be modelling it as it currently is disincentivizes paying customers in favor of seeking a (potentially free) work-around (or worse, a competitor).
I'd also venture that the password-protected link sharing is really a solution to a different problem - sharing documents with users who sit outside the Microsoft ecosystem; if you look at it like this, it's clear a step is obviously missing, which raises the real question of why is it missing (and there's obviously a reason).
Link Expiration and Link Password are great additions, but are no substitute for named account permissions. We need to be able to ensure that only specific people have access to certain files or folders, so we need account permissions in addition to link sharing. We also need to be able to either navigate the Shared folders and files and check permissions or list users with access to these folders and files.
I am not sure why this feature was removed from OneDrive. There are several ways you can add this again and still keep the sharing process simple for users that do not want to bother with advanced sharing, or require people to have a Microsoft Account. You can even put an option in Settings to allow users to enable or disable this Secure/Advanced sharing feature for their OneDrive account.
This is a must and severely limits the usability of OneDrive sharing for a lot of security concerned customers. Especially OneDrive Premium paying customers who wish to make OneDrive their single or primary cloud storage service. I know a lot of Microsoft customers turn to other cloud storage services for secure sharing, but wish they cloud use OneDrive for that as they already pay for Office.
Please give more attention to this matter. We would love to have a more similar and consistent experience across the consumer and business products and have the same sharing features we have on OneDrive for Business . Or, at least the ones that can be implemented without the required supporting infrastructure.
I have nothing against 'password-protected sharing links' for occasional sharing of unimportant things. However, when sharing with another Microsoft account, one can use 2nd factor auth, the recipient can change its MS account pw and so on. It is imho an essential thing to have for cloud storage. You should stop 'thinking about it' and bring back what once already worked!
The current INSECURE public links are unacceptable. These can be forwarded, posted, sniffed etc.
We are paying customers and expect the option of secure sharing with family or friends. Links should be checked against MSA logins if a sharer wants to share securely.
Business OneDrive does have a weird 'secure' sharing to non-AD users emailing links and then PINs. I still don't consider that particularly secure but it is way better than emailing public links.
This is security 101 stuff. A customer says to share with a person, they expect only that person to be able to access the shared data.
I like this idea. I just mis-fired a link to a wrong email address. I hoped that by changing the name of the file/folder that the path would be changed and protect the information that went to the unintended location. Then, all I would have had to do was re-send the link to the corrected address list, but the path still led to the same place. Also, the "permissions" to allow only viewing, not editing seems not to work. I was able to access and to edit the content name on my wife's device which did not just edit it on her device, but also in OneDrive. Seems that some improvements are needed...so far the cloud seems to have editing and security of the vintage 1980s or 1990s.
FYI I've updated the title to reflect that this request is scoped to OneDrive Personal.
Note that OneDrive for Business already supports secure sharing both inside and outside of an Office 365 organization.
Nicalaus West commented
Google Drive does this so easily that I was seriously surprised that Microsoft's OneDrive didn't do it too.
It is absolutely unacceptable for Microsoft to not have this as an option. I understand not wanting to confuse casual users, so why not have "basic sharing" enabled by default on new accounts. Advanced users can enabled "advanced sharing" in the O365 control panel if they want/need this feature. That allows casual users to have an easy experience and advanced users the ability to enable features that they need.
James D commented
Potential work around... But unsure if this is secure.
1) Create a sharing link that is password protected
2) Send link and password to the person you want to share with
3) They open the link and enter password (They are already logged in with their own Microsoft account)
4) They add the folder to their one drive, which creates a named share on the folder
5) I then remove the password protected link as it is no longer needed
This appears to have created the desired result of an identity driven share without a public self authentication url being generated and sent out.
My worry is that there is a public url generated in the background it's just I don't know it! Confidence in the security of One Drive sharing is low.
James D commented
This is very unclear that this is how it works. I've recently discovered that personal folders I thought I had specifically shared with an individual could have been accessed by anyone with the link sent out in the email. Why is it not possible to securely share with a specific set of identities that require authentication to access shared content!
Christian Wagner commented
Using a paid Office 365 account, I was expecting better security, when sharing by email. I will have to look for a different provider for secure sharing and I fully agree with the following comment:
>> Sharing a folder "by email" is almost as insecure as sharing a folder "by link". When you share a folder "by link", the normal user understands the anyone who gets the link can access the files, so you know to tell the recipients not to forward the link. But when you share a folder "by email", I'm sure that the normal user expects that OneDrive controls who can or cannot access your files, but in actuality, it just creates a link that anybody in the world can use to access the files. So when you share "by email", you also need to tell the recipient to never forward the link, and you need to trust them to keep the link secret. Although it is not at all clear from the user help, the current security is based on how much you trust your friends to keep the links secret, not on any kind of user authentication provided by OneDrive. OneDrive Home should be fixed so that you can share files only with the users you select, and you should be able to trust that OneDrive will disallow access to those files to all other users, regardless of whether they got the link from someone else. In other words, OneDrive should first authenticate the user, then verify that that user is on the list of permitted users, before giving access to the files shared "by email". <<
I came hear after struggling to understand what I had done wrong. I specifically did not create a link, because I didn't want unauthorized users to get access. Instead, I e-mailed and invited only approved users to a certain shared folder. To my horror, I found that if the recipient shared the link, it effectively made access to my folder public!!! This is a security disaster. Please fix ASAP -- if a user is shared by e-mail invite, then that user should only gain access if signed in with the invited e-mail address. And that user must not be able to forward the share.
Sean W commented
Douglas Pearce have you redirected this to /dev/null? its been more than 2 years since this was feature was removed and you've been thinking about it for more than 18 months.
Why not just come out and say "It's been removed so you have to pay more for Office 365 - live with it or go somewhere else. We're ok to provide an insecure file sharing service... if users are dumb enough to use it then they deserve what they get."
Keith Enevoldsen commented
I also found OneDrive sharing "by email" to be surprisingly insecure. (I'm using One Drive Home version in April 2018. There may be other options with other versions.)
Sharing a folder "by email" is almost as insecure as sharing a folder "by link". When you share a folder "by link", the normal user understands the anyone who gets the link can access the files, so you know to tell the recipients not to forward the link. But when you share a folder "by email", I'm sure that the normal user expects that OneDrive controls who can or cannot access your files, but in actuality, it just creates a link that anybody in the world can use to access the files. So when you share "by email", you also need to tell the recipient to never forward the link, and you need to trust them to keep the link secret. Although it is not at all clear from the user help, the current security is based on how much you trust your friends to keep the links secret, not on any kind of user authentication provided by OneDrive. OneDrive Home should be fixed so that you can share files only with the users you select, and you should be able to trust that OneDrive will disallow access to those files to all other users, regardless of whether they got the link from someone else. In other words, OneDrive should first authenticate the user, then verify that that user is on the list of permitted users, before giving access to the files shared "by email".
In the meantime, if Microsoft is not going to fix sharing "by email" to be more secure, then it needs to revise the wording of all the help text about sharing "by email" to make it clear that it is almost the same as sharing "by link" and that anybody in the world who gets the link will be able to access the files.