Dropbox is beefing up security by allowing the use of USB key as part of a two-step authentication process when users log onto their accounts. Here’s how it works.
Specifically, Dropbox is adding support for security keys that follow the FIDO Universal 2nd Factor (U2F) open standard and only for the Chrome browswer for now.
If you want to add an extra layer of security to your Dropbox with one of these USB keys, you need to log into your account on the Chrome browser and go to the Security tab in the account settings page. Click Add next to the Security keys tab.
If you do turn this feature on and log in through a web browser other than Chrome or if you don’t have your security key on you, two-factor authentication will still work. You’ll just get a code sent you through text message or an authentication app.
Dropbox is touting the use of U2F keys as one of the safest way to log into your Dropbox account.
“Security keys provide stronger defense against credential theft attacks like phishing. Even if you’re using two-step verification with your phone, some sophisticated attackers can still use fake Dropbox websites to lure you into entering your password and verification code. They can then use this information to access your account,” Dropbox said in a blog post.
[Via Dropbox Blog]