Generally, when you sign in to your account on any service, you provide two pieces of information, your username, and password. This is a tried and tested system, but it has some flaws. Firstly, people are bad at making secure and unique passwords. Data from hundreds of data breaches repeatedly shows that the most common passwords are things like “Password.” This makes it easy for hackers to attempt to guess people’s passwords. All they need to do is try the most popular few passwords on as many usernames as they can, and they’re bound to have some success.
A security feature called two-factor authentication, however, offers significantly increased levels of account security. Two-factor authentication, or 2FA, links a physical device to your account, often your mobile phone. When you attempt to sign in to your account, you’re required to approve the login attempt via your phone.
You can generally approve login attempts in one of three ways. You can get sent a confirmation code via text that you need to enter on the website or app. A confirmation code can be sent to a configured 2FA app that you then have to enter on the website or app. Alternatively, you can have an “Approve/Deny” push request sent to your 2FA app, where you can directly approve or deny the login attempt from the notification or app, rather than having to enter a code.
To be able to access an account protected by 2FA, a hacker not only has to correctly guess your password but also have access to your second-factor device too, which is a much higher bar to pass.
Enabling 2FA in Dropbox
If you want to enable two-factor authentication in Dropbox, you need to do so through your security settings. To get there, you first need to sign in to the Dropbox website. From there, click on your profile icon in the top-right corner, then click on “Settings.” Once you’re in the settings, switch to the “Security” tab and click the “Two-step verification” slider to the “On” position.
Tip: Sometimes 2FA is referred to by different names, such as “Two-step verification” or “Multi-factor authentication.” These names aren’t wrong, but two-factor authentication is the de facto standard name.
In the confirmation box, click “Get started,” then enter your password to confirm that you’re the legitimate owner of the account. Now you’ll need to select whether you’d rather use SMS-based or authenticator app-based 2FA.
SMS-Based 2FA Instructions
If you chose SMS-based 2FA, you need to complete the first step to enter your mobile number. You’ll receive a text shortly after you click “Next” with a six-digit confirmation code. Copy the code into your web browser and click “Next” as instructed to verify your mobile phone. Once you’ve done this, you’re all set; enter the new code you’re sent each time you log in.
App-Based 2FA Instructions
If you chose app-based 2FA, then the first thing you need to do is install an authenticator app. Dropbox recommends the following apps as specifically working with their service. Although others may also work.
- Google Authenticator (Android/iPhone)
- Duo Mobile (Android/iPhone)
- Microsoft Authenticator (Android/iPhone)
When the authenticator app is installed, scan the QR code with the app to add your Dropbox account. Once the code has been scanned, enter the confirmation code, then click “Next” to verify and enable 2FA.
2FA is the current gold standard for account security. By following the instructions in this guide, you can enable 2FA to keep your Dropbox account secure.