The feature has been enabled, but Dropbox is still testing it

Aug 25, 2012 17:31 GMT  ·  By

A few weeks ago, Dropbox was hit with another privacy/data leak issue. One of its employees had his Dropbox account hacked by using the same password for different sites. That's a common mistake, but you'd hope a Dropbox employee would know better.

Long story short, a list of user emails was take from the employee's Dropbox account and those users started getting spam on those addresses, some of which were only used for Dropbox. Not exactly the most damaging of hacks and not exactly the smartest of hackers.

But Dropbox was lucky and it could have been much worse. Dropbox learned it lesson too and among the things it planned on changing and doing was implementing two-step verification.

Two-step or two-factor verification or authentication, all combinations of the term, is exactly what it sounds like, an authentication method which requires two steps.

One is the password, of course, but the other could be a code users receive on their phones or in an email or is generated by an app.

Dropbox is getting ready to implement the feature and has released an experimental version of the client with two-step verification.

"We'll be adding optional two-step verification for all Dropbox accounts sometime in the next few days. Two-step verification adds an extra layer of protection to your account by requiring an additional security code that is sent to your phone by text message or generated using a mobile authenticator app," Dropbox said in a forum post accompanying the experimental Dropbox builds.

Dropbox opted for a phone to use as a backup device. Users can choose to get a text message with the code or use one of the three authenticator apps supported. The feature will be rolling out to all users soon, but if you can't wait a few days longer, you can grab the experimental forum builds and then go to your account settings page and enable the feature.