Possible Security Breach, Please Help


#1

So, I am a very new user to rclone and may have made a large mistake. Now to start out, I will explain I have created an rclone google drive and have NOTHING on the drive. However, I gave out perhaps the most sensitive rclone information there is (to my understanding): the entire config file for my drive, including access token information. There is nothing on the google drive when looked at through rclone browser, but I do not understand if there are other security implications at play here or what I can do to protect myself.

I do not have any other drives made in rclone, but I am concerned about someone being able to access my local data (on my computer, not on the web) or getting into other things. I was trying to obtain a large volume of documents for a graduate program I am working on and someone offered to push me the data by getting my rclone config file. This individual I somewhat trust, but I know they have a much better understanding of computers and code than I do.

Please, if you know much about this program, and I see a lot of you do, please tell me what might be at stake. It has been about ten hours since I gave the information out.


#2

What is at risk is only the stuff on the google drive and nothing else. You said there is nothing on the drive so that is good.

If you want to revoke rclone’s access - do this by clicking on settings (the cog on the right) then “manage apps”. You should see rclone - you can then disconnect it from drive.

If you want to use rclone then you can run through the config process to reconnect it. I’m not sure at this point whether the old tokens will start working again or not - you might have to experiment to see.


#3

Thank you so much ncw, for the peace of mind. You have made a great program :slight_smile: