Dropbox has experienced three high-profile instances of security problems in the past year or so, with the latest instance concerning usernames and passwords being stolen from other websites and their accounts accessed. In response to the latest incident, Dropbox promised it would add “two-factor authentication.” This means you need two proofs of identity, such as your user password and a code sent to your phone, to gain access to your account.
“Two-step verification is an optional but highly recommended security feature that adds an extra layer of protection to your Dropbox account,” Dropbox writes. “Once enabled, Dropbox will require a six-digit security code in addition to your password whenever you sign in to Dropbox or link a new computer, phone, or tablet.”
Google also offers two-step authentication for its accounts. This feature was spotlighted recently when Wired writer Hat Honan had his accounts hacked. Honan did not have two-factor verification turned on and regretted that decision. “Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc,” Honan wrote at the time.
In light of all this, it’s nice to see Dropbox adding this option. To start using two-factor verification, you’ll need to first download the latest beta version of Dropbox’s desktop client (links here). Then follow the step-by-step instructions here. Once you follow the instructions, you can login into your account using a one-time text message or a code that can be sent to various mobile apps like Google Authenticator or Amazon AWS MFA.
If you don’t feel like downloading the beta to try out two-step verification, just hold tight. Dropbox has indicated that it will roll out the feature to all user accounts in the next few days.
Copyright 2012, VentureBeat