Safety

DropYet is seperated in two different modes. In a private mode and a public mode. Your settings will be saved from mode to mode but your date will be handled separately.
All files you upload in the private mode, are only accessible if you are logged in. Without a password no one can access your data. For this to work, you have to enable cookies in your browser. The cookie will be saved for one hour on your computer. Do not be surprised, if your data is still accessible for after logging out. Only you can see this data and only for one hour. If you was logged in for a long time, but not active, you may be have to re-login before you can access your data.
In public mode, you can upload data like you do in private mode, but you can share this data with your friends and family. An indicator for the mode you are actually in is the yellow globe or the green lock. It depends on in which mode you are right now.
For better data security, we recommend to encrypt your data via ssl. Simply visit http://www.checkdomain.de and order a free ssl-certificate. Follow the instructions on the page. Then add the following code in the “.htaccess”-file in the main directory (please change to your url):

RewriteEngine On
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^(.*)$ https://www.yoururl.com/$1 [R=301,L]

Header set Strict-Transport-Security "max-age=31536000" env=HTTPS

The new function in version 2.2 indicates if your connection is encrypted or not. Just click on the menu item “Security”.
Since version 2.4.0, DropYet can now analyze your password, by clicking on the “Security”-Tab.

Attention: Since we have introduced the SHA512-password encryption with version 2.4.4.1, it is no longer possible to analyse your password. The SHA512-encryption is safe, but nevertheless we recommend you the use a password which has these characteristics: As long as possible, unique, many different characters as well as special characters.

To keep your data truely invisible for users that are not logged in, DropYet has the so called Security-Code since version 2.4.6.6, which can now also be manually renewed via “Security” in the settings.