Dropbox introduces 2-factor authentication
Posted on 27 August 2012.
Early this month, popular file hosting service Dropbox confirmed an internal breach the resulted in its European users receiving spam advertising gambling websites, and announced a number of new security features - among them was the introduction of optional two-factor authentication.


Less then a month later, this security measure has been introduced for early adopters.

"Two-step verification adds an extra layer of protection to your account by requiring an additional security code that is sent to your phone by text message or generated using a mobile authenticator app," explained a Dropbox employee on the service's forum.

To enroll, users are required to enable two-step authentication on their accounts and to download the latest forum build version (1.5.12) of the Dropbox client.

Receiving SMS-based six-digit security tokens might be still difficult for users outside the US, as whether they will receive these messages or not depends on whether their own mobile providers deliver international messages.

"We're working hard on adding more carriers, but in the meantime, using the offline app instead of SMS is best," a Dropbox employee wrote.

The offline app will be familiar to all users who have enabled two-factor authentication for their Gmail account and are using the Google Authenticator app. Other applications that can be used are Authenticator (for Windows Phone 7 users) and Amazon AWS MFA (for Android users).

And just in case the users lose their smartphones or are unable to obtain the codes in a timely fashion, upon setting up two-factor authentication they will be provided with a 16-digit backup code they can use to unlock their account.






Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //