Dropbox rolls out two-step verification option for enhanced security


After admittedly being hacked last month, cloud storage service Dropbox has decided to amp up its security features. We mentioned in our previous post that one of the changes that it plans to implement is two-factor authentication. Just recently, the Dropbox team rolled out its two-step verification option to add an “extra layer of protection” to your account.

To enable this feature, go to your Dropbox security page (in the Account Sign-In portion under the Settings menu) and enable the Two-step Verification option. After which, a setup wizard will guide you in allowing your Dropbox account to be associated with your mobile phone number. Once you’re done with that, you will then receive a text containing a six-digit verification code that you must use anytime you attempt to log in to your account.

Here’s another option: if you have a smartphone—whether it’s Android, BlackBerry, iOS or Windows Phone—you can download the authenticator app and generate a new time-based one-time passcode. You can choose to either scan the barcode or to enter your secret key manually to generate a security code you must type into the app.

Digital Inspiration suggests that if you already have Dropbox setup on your mobile device or devices, it would probably be a good idea to unlink them from your Dropbox account and relink them again. This will activate two-step verification on these devices.

After setting up the two-step verification feature, Dropbox will provide you with an emergency backup code that you can use if ever you lose access to your phone or cannot receive or generate a security code. If the phone that’s linked to your account gets stolen, you will need the emergency code to regain access into your account.

Once the feature is enabled, you must download the latest installers for the Dropbox desktop client (1.15.12), as the latest version now has a new software build to support the two-step verification login process.

Another interesting security feature—which is similar to that of Facebook—is the email notification you can opt to receive every time an unrecognized device logs in or when a new device is linked to your account.

With these new improvements in security measures—although they don’t assure total security—we hope that they could be enough for us to finally sleep soundly at night, without fear of our files being hacked in the cloud.

Sources: Mashable, TheVerge, SlashGearDigital Inspiration