Skip to main content

Two-factor authentication coming to Dropbox

Dropbox has confirmed plans to roll out two-factor authentication for all accounts in the coming days.

Two-factor authentication requires two forms of identification when signing in - like a password and a code sent in the form of a text message.

"Two-step verification adds an extra layer of protection to your account by requiring an additional security code that is sent to your phone by text message or generated using a mobile authenticator app," Dropbox said in a note on the company's forums. "We'd like to give our loyal forum viewers a chance to try it out first."

That note includes details on how to enable two-factor authentication for Windows, Mac, and Linux. "We'd appreciate it if you would unlink & relink your account after enabling two-step verification, and report your experiences in this thread," Dropbox said.

The company also has more in-depth directions on its help page.

The move comes shortly after Dropbox acknowledged that a recent spam attack was likely caused by a stolen password that allowed access to an employee project document. Dropbox engineer Aditya Agarwal said that stolen passwords and usernames were used to sign in to a "small number" of Dropbox accounts. One of those stolen passwords was used to access the account of a Dropbox employee, which included a document with user email addresses.

After a recent hack of journalist Mat Honan's digital life, meanwhile, the reporter acknowledged that the hackers would not have been able to so easily access his accounts had he enabled Google's two-factor authentication.