Security Overview

Security is not a feature at Null Drop - it is our foundation. We use a multi-layered approach to protect your data at rest and in transit.

Transport Layer Security (TLS)

All data moving between your devices and our servers is protected by high-grade TLS 1.3 encryption. This ensures that your files and metadata cannot be intercepted by malicious actors during the upload or download process.

Metadata Encryption

We treat your file names and project structures with the same care as the files themselves. Our API uses AES-GCM 256 to encrypt sensitive metadata before it ever leaves our servers, providing a "bulletproof" layer of privacy even for small fragments of information.

Access Control

Because we use Null Pass for authentication, your account benefits from:

Session Isolation: Your authentication tokens are scoped strictly to your current session.
Project Permissions: Only authenticated users with the correct permissions can view or modify private project data.
Public Link Obfuscation: Our public share links use high-entropy tokens that are impossible to guess, keeping your shared files accessible only to those you intend to see them.

Shared Responsibility

While we provide the tools, you can enhance your own security by:

Enabling Two-Factor Authentication (2FA) in your Null Pass dashboard.
Regularly reviewing your active share links and disabling any that are no longer needed.
Using strong, unique passwords for your account.

Security Overview

Security is not a feature at Null Drop - it is our foundation. We use a multi-layered approach to protect your data at rest and in transit.

Transport Layer Security (TLS)

Metadata Encryption

Access Control

Because we use Null Pass for authentication, your account benefits from:

Session Isolation: Your authentication tokens are scoped strictly to your current session.
Project Permissions: Only authenticated users with the correct permissions can view or modify private project data.
Public Link Obfuscation: Our public share links use high-entropy tokens that are impossible to guess, keeping your shared files accessible only to those you intend to see them.

Shared Responsibility

While we provide the tools, you can enhance your own security by:

Enabling Two-Factor Authentication (2FA) in your Null Pass dashboard.
Regularly reviewing your active share links and disabling any that are no longer needed.
Using strong, unique passwords for your account.

Security Overview

Security is not a feature at Null Drop - it is our foundation. We use a multi-layered approach to protect your data at rest and in transit.

Transport Layer Security (TLS)

Metadata Encryption

Access Control

Because we use Null Pass for authentication, your account benefits from:

Session Isolation: Your authentication tokens are scoped strictly to your current session.
Project Permissions: Only authenticated users with the correct permissions can view or modify private project data.
Public Link Obfuscation: Our public share links use high-entropy tokens that are impossible to guess, keeping your shared files accessible only to those you intend to see them.

Shared Responsibility

While we provide the tools, you can enhance your own security by:

Enabling Two-Factor Authentication (2FA) in your Null Pass dashboard.
Regularly reviewing your active share links and disabling any that are no longer needed.
Using strong, unique passwords for your account.