Dropbox has jumped on the two-factor authentication (2FA) bandwagon with changes to their mobile app. Now, when an attempt is made to log into your Dropbox account, a notification is sent to your mobile device where you can tap a button to authenticate your identity. There’s no code to enter.
This new authentication method complements other efforts Dropbox has recently made such as the use of a USB key that uses the FIDO Universal Second Factor standard, and tradtional 2FA using either a code or authenticator app.
Instructions for using 2FA can be found on Dropbox’s support site.
Along with using a VPN whenever your connected to a public network, I’m moving to the belief 2FA is becoming mandatory. I’m enabling it for every service that supports it (or some other system that is safer than traditional username/password) and looking to ditch any service that doesn’t support it.
What about you? Is 2FA or some other strong form of authentication now a mandatory requirement for all your apps and services?