Two-factor authentication is a must on any account that supports it, but it's especially important for protecting your personal files. Dropbox is used for everything from personal to business file storage, which is why it's crucial to secure your account to the best of your abilities and keep those files out of the wrong hands. Luckily, enabling two-factor authentication is a quick and easy process.
How to enable two-factor authentication
There's no way to set up two-factor authentication from the Dropbox app on your phone, so you'll instead need to sign into the website on your computer. Thankfully it's still a simple process, and you might still need your phone throughout the setup process if you use an authenticator app like Authy.
- Click on your profile icon and select Settings.
Under Personal Account, click on the Security tab.
Click the switch next to Two-Step Verification.
- On the following popup prompt, click Get Started.
- Enter your password and click Next to continue.
From here, you'll need to decide whether you want to receive a text with a verification code every time you sign into Dropbox from a new device, or if you'd prefer using a token-generating app like Authy. We recommend the latter, since SMS is much easier to spoof than time-based token generation, but it's ultimately up to you, and either is better than not having 2FA enabled at all.
Use text messages for 2FA
Using your phone number for two-factor authentication is an easy, convenient way to get into your account. Any time you're signing in from a new device, just enter your phone number, wait for a text from Dropbox, and type in the verification code you were sent.
Enter your phone number in the following prompt.
- Once you receive a text from Dropbox, enter your verification code into the next screen.
- Optionally, you can enter a backup phone number in case your main number stops working.
Be sure to store the one-time backup codes somewhere safe, as they'll let you sign in even if you can't receive texts.
- Click Next to finish the setup.
Two-factor authenticator is best when paired with a code-generating app. There's a wide range of apps to choose from, including
Use your authenticator app on your phone to scan the QR code. You can also enter your secret key manually if you're unable to scan.
- Click next.
Then enter the generated 6-digit code on the following screen.
- Optionally, you can enter a backup phone number for Dropbox to text a code to in case your authenticator app stops working.
- Be sure to store the one-time backup codes somewhere safe, as they'll let you sign in even without your authenticator app.
- Click Next to finish the setup.
That's it! From here on out, Dropbox will ask for a verification code along with your password every time you sign in from an unrecognized device. This adds another layer of protection from unwanted access, since even knowing your password won't let someone into your account on its own.
If you want to take it a step further, you can even a physical security key as an additional 2FA method. This only works on a computer running Chrome, but it's a secure and convenient way of quickly signing in.
Hardware recommended in this guide
Titan Security Key
Ultra-secure authentication on your keychain
Google's Titan Security Key is a physical authenticator that lets you instantly sign into supported sites. It's available in USB-C and USB-A/NFC configurations, and there's a Bluetooth option for use with your phone.