Dropbox now supports USB U2F two factor authentication to protect users from phishing during the login process
Dropbox has added two-factor authentication to its cloud services, in the form of a USB dongle that adds Universal 2nd Factor (U2F) security keys as an additional method for verification.
After typing in their password, users will be able to insert their key into a USB port rather than typing in the six-digit code as per usual.
“Unlike two-step with a phone, you’ll never have to worry about your battery going dead when you use a security key,” said Dropbox.
“Making sure only you can access your account is an important part of keeping Dropbox safe. Today, we’re adding Universal 2nd Factor (U2F) security keys as an additional method for two-step verification, giving you stronger authentication protection.”
The USB keys need to be following an open standard in authentication called the “FIDO Universal 2nd Factor (U2F) from the FIDO Alliance. This U2F key can then be set up with your Dropbox account and any other U2F-enabled services, such as Google.
Dropbox’s U2F is only supported in the Chrome browser currently, and signing in from a device of platform version of U2F isn’t supported either.
It’s worth noting that, whilst this will increase the security of a user’s Dropbox account, it only increases security insofar as the login process in concerned. The U2F doesn’t add any protection at all to the data residing on Dropbox’s servers, which despite being encrypted, is still susceptible to attack and breach by those who hold Dropbox’s encryption keys.