To respond a security breach reported by some of the Dropbox users who received spams at email addresses used only for Dropbox, Dropbox offered a few updates to enhance the ever important security and privacy issues. One of them is the long over-due 2-factor authentication that uses your mobile smartphone as the second factor via either text message or the authorized authenticator app.
Here is a quick setup tour showing you how to set it up.
1. Log into your Dropbox account, and access this security page (https://www.dropbox.com/account/security).
2. Scroll down to Account Sign In section, and click Change link next to Two-Step verification to start the enabling wizard.
And click Get Start button to start.
You will have 2 options to choose how you want the security code to be delivered, either use Text messages, or an authenticator mobile app. Text messages is obviously the easiest but for those who live in a country that is not available with the text messaging, the mobile authenticator app works also extremely well.
Here are 3 mobile apps currently authorized:
- Google Authenticator (Android/iPhone/BlackBerry)
- Amazon AWS MFA (Android)
- Authenticator (Windows Phone 7)
Go to next, and type in the security code you received either as text message or from your mobile app.
Write down the backup emergency code from the next window and save it in a safe place. And you are all set.
You can leave your current Dropbox client and app unchanged. But it’s recommended that you unlink all your Dropbox client and mobile app and reconnect them with 2-factor verification. Or at least, review your security account for both My Devices and Web sessions, as well as My Apps to make sure there is no back door left for unauthorized access to your account.
Any new device linked to your Dropbox account will require a security code as the second authentication method, in addition to account username and password. You will receive a security code on your mobile phone every time when a link request is sent.
In general, 2-factor verification is slightly less convenient for you but it’s also much more less convenient for hackers who want to get access to your Dropbox data. It’s highly recommended on the account that holds the most sensible information.