Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity
    • Small Business
    • Storage

    Dropbox Introduces Two-Step Security Authentication

    By
    Nathan Eddy
    -
    August 27, 2012
    Share
    Facebook
    Twitter
    Linkedin

      The online storage and file-sharing site Dropbox is rolling out two-step security authentication in the wake of high-profile security breaches affecting Dropbox users and other cloud-based companies. The company announced the news via one of its community tech forums. Two-step verification, offered by sites like PayPal, adds an extra layer of protection to an online account by requiring an additional security code that is sent to the user’s phone by text message or generated using a mobile authenticator app. “We’d like to give our loyal forum viewers a chance to try it out first,” the post said.

      Once enabled, Dropbox will require a six-digit security code in addition to the user’s password whenever they sign in to Dropbox or link a new computer, phone or tablet. Dropbox gives users the option of using a third-party authenticator application, with support for apps on Google Android, Apple iOS, BlackBerry and Microsoft Windows Phone devices. For security reasons, users will then be asked to re-enter their password to confirm the decision to enable two-step verification. Once this is done, the user is given the choice to receive the security code by text message or to use the aforementioned mobile apps.

      If users choose to receive the security codes by text message, whenever they successfully sign in to Dropbox using their password, a text message containing a security code will be sent to their phone. For mobile apps, any app that supports the Time-based One-Time Password (TOTP) protocol should work, including Google Authenticator (for Android devices, iPhone and BlackBerry smartphones), Amazon Web Services (AWS) Multi-Factor Authentication (MFA) (for Android), and Authenticator (Windows Phone 7). Before enabling two-step verification, users receive a special 16-digit backup code.

      The company asked trial users to ensure they have the latest forum build (1.5.12) installed before visiting a specific URL link to try out the feature. The link will then send users to the security tab for the account, where in the “account sign in” section near the bottom of the page, users will find the two-step verification option. Users can start the setup process by clicking on the “(change)” link. “We’d appreciate it if you would unlink & relink your account after enabling two-step verification, and report your experiences in this thread,” the post requested.

      The company’s investigation into the security incident earlier this summer revealed that usernames and passwords stolen from other Websites were used to sign in to a number of Dropbox accounts, including one belonging to a Dropbox employee that contained a “project document” with user email addresses. According to the company, the document is believed to have been used to launch the spam campaign. Following the breach, Dropbox users in Holland, Germany and the United Kingdom began reporting on a Dropbox user forum that they were receiving spam for gambling sites. The ensuing complaints led to suspicions that Dropbox had been hacked.

      Nathan Eddy
      A graduate of Northwestern University's Medill School of Journalism, Nathan was perviously the editor of gaming industry newsletter FierceGameBiz and has written for various consumer and tech publications including Popular Mechanics, Popular Science, CRN, and The Times of London. Currently based in Berlin, he released his first documentary film, The Absent Column, in 2013.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×