Dropbox has just enabled two-step verification for everyone. Users can increase the security of their accounts by following a few simple steps. Enabling the feature is a good idea even if you don't think you store any valuable or secret info on Dropbox.
But there are a few people that should probably hold off on enabling it, ironically, exactly the kind of people that are going to be the most interested in the feature.
1Password, a popular password manager, recommends that its users not enable two-step verification, at least for the time being.
That may seem like strange recommendation, but it makes sense because of the way 1Password works by storing the encrypted data, with all of your passwords, in your Dropbox folder.
The problem with this is that, if you somehow lose access to your Dropbox account, i.e. you lose your phone, then you lose access to all of your 1Password data.
What's more, if you made a really poor decision and stored your Dropbox backup code with 1Password and only with 1Password, you're really stuck.
"Now, suppose you are traveling and your phone gets stolen or damaged. If you don’t have access to a computer or device that is already linked to your Dropbox account, you won’t be able to reset two-step authentication," 1Password explained
on its blog.
"You won’t be able to access your 1Password data, which in turn means that you won’t be able to access many of the accounts and services you need. At least, you won’t be able to until you either get to the piece of paper where you wrote down your backup code or get to a computer or device that is already linked to your Dropbox account," it detailed the problem.
This applies to any other app that works with Dropbox to store data, but 1Password is probably the worst-case scenario. However, you can enable two-step verification even if you use 1Password, as long as you take a few measures.
First and foremost, make sure your backup code is safe. You can write it down or you can take a photo of it and store it somewhere safe, better yet do both.
Second, backup your important data, put the 1Password data in another folder on your computer, put it on a CD and keep it somewhere safe along with Dropbox credentials and the backup code.