Can I use two-step authentication with Dropbox?
I'm using Dropbox to share highly confidential files with an investigator and need to be completely sure that no-one other than myself ever access the files. I know Dropbox uses SSL connections and my account is protected by a password, but I want a higher level of security. Can I set up a two-step verification or authentication process so it requires me to both know my password and receive a text message on my cellphone to log in?
You have an interesting situation and it sounds like your need for confidentiality is higher than for most of us. My first thought is that if I were in your shoes is that I'd be using a separate encryption system like PGP (it stands for "pretty good privacy" but in fact it's a powerful and secure public-key encryption system) as a way to encrypt the file before you upload it to DropBox, then for the receiver to decrypt it once safely downloaded. You can learn more about PGP and grab some software to test at GNUPG, if you're curious.
In terms of working with Dropbox, you're in luck as they just recently introduced a two-step verification system just like you're asking for (and just like what's available on Gmail and PayPal, among other smart sites). The idea is that to get into the account you need two things, instead of just one: your account credentials and access to your registered cellphone so you can retrieve the one-time use code from a text message that Dropbox automatically sends you on login attempt.
To set it up, you'll need to go to the Dropbox Web site, then choose "Settings" from the menu on the top right:
Once you've done that, you'll see a bunch of different options. What you want is along the top tab bar, however:
Click on "Security", then look near the bottom of that page for this block of info:
To enable two-step verification, click on "(change)" adjacent to the current status "Disabled" on the last line.
An informational pop-up appears to explain what you're about to change:
Looks good. Click on "Get started" to proceed. You'll need to enter your password again for verification purposes (you certainly don't want someone else putting this on your account!) then you'll be presented with two possibly ways to use the 2-step purpose:
My preference is to use text messaging because then it doesn't require a specific app to be installed on my phone and since I'm often running early release or beta software, apps on my phone are notoriously ephemeral anyway. If you'd prefer an app, click "Use mobile app" before proceeding.
Either way, click "Next" to continue.
As expected, Dropbox needs to know your mobile phone number. For what I hope are obvious reasons, don't enter a number that cannot receive text messages! :-)
Enter your cell and again click on "Next".
While you're looking at that and wondering what to do, a text message with a six-digit (one time) code should be sent to your phone. It'll look like this:
I enter the specified code -- 656126 -- and my Dropbox account is ready to set up for two-step verification. Only thing is, what happens if I lose my phone? They've got that covered too:
Since it's easy to get a new phone and use a SIM card to have it receive your text messages, I don't worry about this backup. Plus, I always have my phone.
That's all there is to it. You've just set up two-step verification for your Dropbox account. Note that only adds a new layer of security to your access as the account owner. It doesn't make the stored documents or your colleagues access any safer or more secure. That's where something like PGP might well come in handy, as I mentioned earlier.
In any case, a good lesson on security, thanks for the interesting question!
More Useful Computer and Internet Basics Articles:
✔ How do I blur my house on Google Maps Street View?
I was poking around on Google Maps looking at satellite views of my neighborhood and when I switched to street view, was upset...✔ Create a custom vanity URL for Kickstarter?
I was reading some updates on Twitter and saw someone had posted a URL that would let me see what projects they'd backed...✔ Export or Save Subscription List from Google Reader?
Just heard that Google Reader is going away this summer. That stinks! How am I supposed to read my RSS feeds? More importantly,...✔ Shrink or Reduce a Photo File Size on Mac?
I'm trying to upload some photos to a social media site and it's complaining that they're too big. They are, as they come...✔ Can I organize my Yahoo Mail with folders?
I've been on Yahoo Mail for years and while most of my friends are now on Gmail or their own Web-based email programs,...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
I do have a comment, now that you mention it!
Check This Out Too...
Look for Answers
All Our Categories
Apple iPad Help
Articles and Reviews
Auctions and Online Shopping
Blogs and Blogging
Building Web Site Traffic
Business and Management
Computer and Internet Basics
d) None of the Above
Google Gmail Help
Google Plus Help
Industry News and Trade Shows
iPhone and Cell Phone Help
iPod, Sony PSP and MP3 Player Help
Kindle Fire Help
Mac OS X Help
Pay Per Click (PPC) Advertising
Search Engine Optimization (SEO)
Shell Script Programming
Tech Support Video Help
The Writing Business
Twitter, LinkedIn and Social Network Help
Unix and Linux Help
Video Game Tips and Help
Windows PC Help
Find Me on Google+
ADT on G+