Dropbox adds support for FIDO U2F secure authentication

Cloud storage giant Dropbox announced to its 400 million users that it supports FIDO U2F for strong two-factor authentication.

Dropbox users can now protect their files with U2F-powered devices in addition to the current feature of a one-time code sent to a mobile phone.

“Once you have a key, go to the Security tab in your Dropbox account settings and click Add next to Security keys. Currently, U2F is only supported for dropbox.com using the Chrome web browser. Signing in from a device or platform U2F isn’t supported, or don’t have your key on hand? Don’t worry — you’ll still have the option to use two-step verification through text message or an authenticator app,” said Patrick Heim, Head of Trust and Security at Dropbox.

FIDO U2F removes cost and complexity from traditional public key and smart card technology. The emerging open authentication standards initiative was co-created by Yubico, Google and NXP, and contributed to the 200-member strong FIDO Alliance.

Dropbox is the first major non-FIDO member to recognize the security advantages of FIDO U2F and offer those benefits to its customer base. Membership is not a requirement for adopting FIDO U2F.