Deploy honeypot documents to find out about unauthorized access

Martin Brinkmann
Sep 12, 2013
Updated • Feb 15, 2014

When it comes to important documents, be they of personal nature, business related or otherwise of importance to you, it is usually best to use encryption to protect them from prying eyes. Encryption protects documents from local and remote access and is usually the best way to make sure that their contents remain protected.

Sometimes though, you may want to know if someone else accessed your personal documents. It may be possible to tell if that is the case locally, for instance by looking at the last access stamp of important files, but that too is not a 100% surefire way of knowing, as those can be edited with the right set of tools.

As far as online storage is concerned, there are even less options to find out. While you get the same information if the files are hosted on a server that you have access to, you are more or less blind if they are hosted on third party servers.

This includes file synchronizations services likes Dropbox, email services like Gmail, and pretty much any other service that allows you to upload files to their servers.

It may be a good idea to test that service with so called honeypot documents to find out if the test documents have been opened and read.


Honeydocs is a free service that does so. You are probably wondering how they are tracking access. It was one of the first things that I wanted to find out. The service uses the same "trick" that Internet marketers use to track users on the Internet or in emails: remote images.

Each document that Honeydocs makes available contains a small remote image that gets loaded when the document is opened. The server records the hit, and you get information about each operation that is recorded, including the IP address used to access the contents, the user agent, city, region and country it originated from, and the timestamp.

honeypot documents overview
honeypot document access
access information

You can create new stings right after you have signed in to the service on the overview page.  Just enter a name and wait for it to be created. Note that free users can create one sting, while paying customers can create multiple.

A click on documents displays a list of specifically prepared documents that you can use for testing. It is also possible to add the tracking to your own documents, but that requires some manual work on your site. Simply add the remote image to them and you are good to go.

Now upload the document to remote hosts or place it on your computer. Whenever someone accesses it, you are informed about that.

Note: The hit will only be recorded if an Internet connection is available. If the program that opens the file, e.g. Word, is blocked from Internet access or if no Internet access is available at the time, the access won't be recorded.

It is interesting to note that Dropbox appears to open those documents when they get uploaded.


Honeydocs' method of tracking document access is not perfect, as it requires Internet access to record the hit, but it is better than no solution at all. It is ideal to test online services that store documents for you, to find out if they read the contents of the documents, or if they do not. While you do not get a 100% guarantee that they do not, it may be reassuring nevertheless.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. ilev said on August 4, 2012 at 7:53 pm

    Doesn’t Windows 8 know that www. or http:// are passe ?

    1. Martin Brinkmann said on August 4, 2012 at 7:57 pm

      Well it is a bit difficulty to distinguish between domains and files for instance.

    2. Leonidas Burton said on September 4, 2023 at 4:51 am

      I know a service made by google that is similar to Google bookmarks.

  2. VioletMoon said on August 16, 2023 at 5:26 pm

    @Ashwin–Thankful you delighted my comment; who knows how many “gamers” would have disagreed!

  3. Karl said on August 17, 2023 at 10:36 pm


    The comments section under this very article (3 comments) is identical to the comments section found under the following article:

    Not sure what the issue is, but have seen this issue under some other articles recently but did not report it back then.

  4. Anonymous said on August 25, 2023 at 11:44 am

    Omg a badge!!!
    Some tangible reward lmao.

    It sucks that redditors are going to love the fuck out of it too.

  5. Scroogled said on August 25, 2023 at 10:57 pm

    With the cloud, there is no such thing as unlimited storage or privacy. Stop relying on these tech scums. Purchase your own hardware and develop your own solutions.

    1. lollmaoeven said on August 27, 2023 at 6:24 am

      This is a certified reddit cringe moment. Hilarious how the article’s author tries to dress it up like it’s anything more than a png for doing the reddit corporation’s moderation work for free (or for bribes from companies and political groups)

  6. El Duderino said on August 25, 2023 at 11:14 pm

    Almost al unlmited services have a real limit.

    And this comment is written on the dropbox article from August 25, 2023.

  7. John G. said on August 26, 2023 at 1:29 am

    First comment > @ilev said on August 4, 2012 at 7:53 pm

    For the God’s sake, fix the comments soon please! :[

  8. Kalmly said on August 26, 2023 at 4:42 pm

    Yes. Please. Fix the comments.

  9. Kim Schmidt said on September 3, 2023 at 3:42 pm

    With Google Chrome, it’s only been 1,500 for some time now.

    Anyone who wants to force me in such a way into buying something that I can get elsewhere for free will certainly never see a single dime from my side. I don’t even know how stupid their marketing department is to impose these limits on users instead of offering a valuable product to the paying faction. But they don’t. Even if you pay, you get something that is also available for free elsewhere.

    The algorithm has also become less and less savvy in terms of e.g. English/German translations. It used to be that the bot could sort of sense what you were trying to say and put it into different colloquialisms, which was even fun because it was like, “I know what you’re trying to say here, how about…” Now it’s in parts too stupid to translate the simplest sentences correctly, and the suggestions it makes are at times as moronic as those made by Google Translations.

    If this is a deep-learning AI that learns from users’ translations and the phrases they choose most often – which, by the way, is a valuable, moneys worthwhile contribution of every free user to this project: They invest their time and texts, thereby providing the necessary data for the AI to do the thing as nicely as they brag about it in the first place – alas, the more unprofessional users discovered the translator, the worse the language of this deep-learning bot has become, the greater the aggregate of linguistically illiterate users has become, and the worse the language of this deep-learning bot has become, as it now learns the drivel of every Tom, Dick and Harry out there, which is why I now get their Mickey Mouse language as suggestions: the inane language of people who can barely spell the alphabet, it seems.

    And as a thank you for our time and effort in helping them and their AI learn, they’ve lowered the limit from what was once 5,000 to now 1,500…? A big “fuck off” from here for that! Not a brass farthing from me for this attitude and behaviour, not in a hundred years.

  10. Anonymous said on September 28, 2023 at 8:19 am

    When will you put an end to the mess in the comments?

  11. RIP said on September 28, 2023 at 9:36 am

    Ghacks comments have been broken for too long. What article did you see this comment on? Reply below. If we get to 20 different articles we should all stop using the site in protest.

    I posted this on [] so please reply if you see it on a different article.

    1. RIP said on September 28, 2023 at 11:01 am

      Comment redirected me to [] which seems to be the ‘real’ article it is attached to

  12. RIP said on September 28, 2023 at 10:48 am

    Comment redirected me to [] which seems to be the ‘real’ article it is attached to

  13. Mystique said on September 28, 2023 at 12:13 pm

    Article Title: Reddit enforces user activity tracking on site to push advertising revenue
    Article URL:

    No surprises here. This is just the beginning really. I cannot see a valid reason as to why anyone would continue to use the platform anymore when there are enough alternatives fill that void.

  14. justputthispostanywhere said on September 29, 2023 at 3:59 am

    I’m not sure if there is a point in commenting given that comments seem to appear under random posts now, but I’ll try… this comment is for

    My temporary “solution”, if you can call it that, is to use a VPN (Mullvad in my case) to sign up for and access Reddit via a European connection. I’m doing that with pretty much everything now, at least until the rest of the world catches up with GDPR. I don’t think GDPR is a magical privacy solution but it’s at least a first step.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.