Here at Dropbox, we take security very seriously, which is why we’re constantly working behind the scenes to protect your data. There are a few things you can do, too, to add even more protection to your account, like setting up a password manager. But what if your password ever ever did get into the wrong hands? Luckily there’s another step you can take now to help keep intruders out of your Dropbox, even if they do have your password. It’s called two-step verification.
Say someone got a hold of your Dropbox password and tried to sign in. Chances are good that they don’t have your smartphone in addition to your password. That’s where two-step verification comes in.
When two-step verification is enabled, you need two things to access your Dropbox account: your password and your mobile device. When you sign in with your password, you’ll also need to correctly enter a time-sensitive six-digit security code to complete the process. The code can be sent to you via text message or you can receive it using an authenticator app, which can come in handy when you don’t have cell service.
The extra verification step adds one more layer of protection against hackers. So if someone tries to sign in to your account — and they don’t have both your password and access to the latest six-digit security code on your phone — the attempt will fail. To enable two-step verification now, just follow the instructions in our Help Center.
If you’re a Dropbox for Business team admin, you can make two-step verification a requirement for all — or some — of your team members for added security. Once activated, new users will see a prompt to set up two-step verification when they first create their accounts, and existing users will be prompted the next time they sign in to the Dropbox website. For more information on requiring two-step verification, be sure to check out the Dropbox for Business Admin Guide.