Sharing a cloud file feels effortless — paste a link, hit send, and the job seems done. But that same link can expose an entire folder, let strangers edit your work, or stay active for months after a project wraps. The most important habit you can build is choosing the narrowest permission that still gets the job done, then revoking access the moment you no longer need it.
I’ve watched clients accidentally expose draft budgets, client contracts, and personal photos through a single misconfigured share link. The fix is not complicated — it takes two minutes once you know where to look. Here is how to share cloud files securely across Google Drive, OneDrive, and Dropbox.
Quick Answer
To share cloud files securely: change General access from “Anyone with the link” to a specific person’s email, set the role to Viewer unless editing is required, and disable or expire the link when collaboration ends. These three steps prevent the most common oversharing mistakes without adding friction.
What Does “Sharing a Link” Actually Do?
Viewer, Commenter, and Editor: What Each Role Means
Three permission levels appear in every major cloud service. Viewer lets the recipient read and download the file but not change it. Commenter adds the ability to leave notes without altering content. Editor gives full control — including the ability to delete, rename, and re-share the file with others.
I default to Viewer for everything I send externally. Commenter works when someone needs to give feedback without touching the content. I only grant Editor when the other person is actively building something alongside me, and I revoke it the moment that phase ends.
How Do Link Types Compare Across Services?
| Feature | Google Drive | OneDrive | Dropbox |
|---|---|---|---|
| Anyone with the link | Yes (Viewer or Editor) | Yes (View or Edit) | Yes (View only, free) |
| Specific people only | Yes (free) | Yes (free) | Yes (free, up to 100) |
| Password-protected link | No native option | Yes (Microsoft 365) | Yes (paid plans) |
| Link expiry date | Workspace accounts only | Yes (Microsoft 365) | Yes (paid plans) |
Knowing your service’s limits before you share lets you pick the right tool for sensitive files — or build in a manual workaround like a calendar reminder to revoke the link on a specific date.
How Do I Share Cloud Files Securely in Google Drive?
Step 1: Open the Share Dialog
Right-click any file or folder in Google Drive and select Share, or open the file and click the share icon in the top-right corner. The dialog shows the current access level and a list of existing collaborators.
Step 2: Restrict General Access
Click the dropdown under “General access.” Change it from “Anyone with the link” to Restricted. With this setting, only people you explicitly invite can open the file — even if someone forwards the invitation, the new recipient sees an access-denied screen.
Step 3: Invite by Email
Type the recipient’s email address in the “Add people and groups” field. Use the dropdown next to their name to set the role to Viewer or Commenter. Click Send. They receive an invitation tied to that specific Google account — someone else’s Google account cannot open it.
Step 4: Revoke Access When Done
Return to the share dialog, find the person’s name, click the role dropdown, and choose Remove access. For any previously created public links, switch General access back to Restricted — the old link stops working immediately, even for people who bookmarked it.
Pro tip: For a file you share repeatedly — like a client intake form — create a fresh copy for each recipient. One person’s edits never bleed into another’s version, and you can delete each copy cleanly when the engagement ends.
For a broader look at which service fits your workflow, I cover storage limits, pricing, and collaboration tools in my Google Drive vs OneDrive vs Dropbox comparison.
Restricting access to named email addresses is Google Drive’s most secure sharing option: only your invited recipient can open the file, and revoking access is instant from the same dialog.
How Do I Share Files Securely in OneDrive?
Step 1: Right-Click and Choose Share
In File Explorer on Windows 11, right-click the file or folder and select Share. On the web, open OneDrive.com, right-click the file, and choose Share. Both paths open the same sharing panel with identical options.
Step 2: Switch to Specific People
At the top of the share panel, click the dropdown — it defaults to “Anyone with the link.” Select Specific people, then enter the recipient’s email. They must authenticate with that email before OneDrive grants access, which blocks forwarded links from working.
Step 3: Add an Expiry Date or Password (Microsoft 365)
If your account is part of Microsoft 365, click the settings icon in the sharing panel. You’ll see fields for an expiration date and an optional password. I set a 7-day expiry for most one-time external shares — the link dies automatically without any follow-up on my end, which means one less thing to remember.
Step 4: Send the Link
Click Send to email the invitation directly, or Copy link to paste it yourself. Copying is slightly safer because you can inspect the link and choose exactly where it goes before anything is sent.
Troubleshooting tip: If the recipient sees “Access denied” even after you’ve invited them, the problem is usually a folder-level permission overriding the file share. Share the specific file directly from OneDrive.com rather than through File Explorer, and confirm the parent folder is not set to block external sharing at the organization level.
If you encounter sync problems while collaborating on shared files, the most common causes and fixes are covered in my post on what to do when OneDrive stops syncing.
OneDrive on Microsoft 365 offers the most granular controls of the three services at the free tier — expiry and password protection together are a meaningful upgrade over a plain “anyone with the link” share.
What Are the Safest Settings for Dropbox?
On the free Dropbox plan, shared links are view-only by default — already more conservative than most services. To share with a specific person, open Dropbox.com, click Share next to the file, and type email addresses in the invite field. Free accounts can invite up to 100 people per file, each of whom must sign in to view it.
Password protection and link expiry require Dropbox Plus or Business. On the free tier, your practical workaround is to create the link, set a calendar reminder for your target expiry date, and then return to Sharing in Dropbox settings to disable the link manually. It is an extra step, but it beats leaving links alive indefinitely.
Google’s own documentation on sharing files from Google Drive explains additional organizational settings that apply if you use a Google Workspace account through school or work — those accounts often have sharing restrictions your personal account does not, which affects what options you see in the dialog.
Free Dropbox is the safest out of the box for casual sharing because view-only is the default, but paid plans unlock the time-limiting and password features that serious users need.
Which Cloud Sharing Mistakes Trip People Up Most?
- Sharing the folder instead of the file. When you share a folder, recipients see every file inside it — including files you add later. Share individual files unless the person genuinely needs ongoing access to the whole folder.
- Leaving “Anyone with the link” enabled after a quick share. A link forwarded in an email or posted in a team chat gives access to everyone who receives it. Switch back to Restricted or Specific people once your quick share is done.
- Granting Editor when Viewer is enough. Editors can permanently delete content in some services. Start at Viewer and promote only when you confirm the person needs write access.
- Forgetting to revoke access when a project ends. Old collaborators still have access until you remove them. A monthly five-minute audit of your shared files is all it takes — you can start by reviewing shared items from your Google account storage overview, which surfaces files shared with others in one place.
- Posting a share link in a public comment or forum. Search engines index public pages. An “Anyone with the link” file shared in a public forum is effectively public — bots will find it within hours.
Each mistake has the same underlying fix: restrict access upfront, use specific email invites for anything sensitive, and audit once a month.
Frequently Asked Questions
Can someone forward my share link to others without my knowledge?
Yes, if you used “Anyone with the link.” The recipient can forward it and the file opens for anyone who receives the URL. Switch to Specific people or Restricted to prevent this — only named invitees can open the file, even if they copy and paste the link into a new message.
Does downloading the file remove my sharing controls?
Yes. Once a file lands on someone’s device, you have no control over that copy. Setting Viewer access reduces the risk of unintentional edits before the download, but the downloaded file itself is fully in their hands. I always mention this to clients before sending anything sensitive.
How do I see who has accessed my shared file?
In Google Drive, right-click the file, choose View Details, and open the Activity tab to see who opened or edited it. OneDrive shows view activity in the file’s details panel on the web. Dropbox Business includes a link-traffic report. Free-tier tools have limited visibility — another reason to keep shares narrow.
What is the safest way to share a very large file?
Upload to Google Drive or OneDrive, set Specific people with Viewer access, and send the link. Avoid email attachments for large files — they create copies in multiple inboxes with no expiry mechanism and no way to revoke access after the fact.
Can I share cloud files securely from my phone?
Yes. Open the Google Drive, OneDrive, or Dropbox mobile app, tap the three-dot menu next to the file, and tap Share. The same permission options appear as on desktop. I always confirm the access level before tapping Send — the mobile share dialog often defaults to the last setting you used, which may not match the current situation.
Conclusion
Sharing cloud files securely comes down to a single rule: give the minimum access that still gets the job done, and revoke it when the work is finished. Specific people plus Viewer is the right default for almost every external share — it costs you nothing and stops the most common exposure mistakes before they start.
Open the share settings on the last file you sent right now and confirm the access level is what you intended. That one check is worth more than any other step in this guide.