Dropbox Makes Changes to Improve its Data Security
August 30, 2012
Allison here. Do you use Dropbox to store files and information on the cloud? If you do, you’ll be happy to learn that the cloud storage provider has implemented a two-step verification process to make its user accounts more secure. This security boost comes weeks after Dropbox suffered a security breach.
The two-step verification works by requiring an additional step before logging into your account: providing a six-digit code that is sent to your phone via text or accessed through a mobile app. At first, this two-step verification is currently opt-in, so those who want the extra security will need to download the latest version of Dropbox and follow the instructions. However, within the next few days, all Dropbox accounts with have the two-step verification.
This verification takes place anytime you try to log into your account from a new computer or mobile device (logging into your computer, and then logging in on your iPhone will trigger the second verification). Google already has a similar system in place, which works very well. It can be inconvenient to put in a new code, especially if you use multiple computers or mobile devices but the second layer of security means that a hacker who gets a hold of your screen name and password won’t be able to get into your account and wreak havoc.
If you happen to lose your phone and can’t get in, this verification system does have an emergency backup code, once that can be used if you need to log in on a new computer or device, but can’t because you don’t have your phone to get the six-digit code. Using the backup code will disable the two-step verification, so if you get your phone back or get a new phone, Dropbox (and AllClear ID) recommend turning the system back on.
This is a big step for Dropbox users and other data storage providers who want security to be a number one priority. It’s only a matter of time before other large companies follow Google’s and Dropbox’s example to do better when it comes to protecting user accounts.