29 September 2012

Dropbox Logo

We needn’t be reminded of the fact that in July, Dropbox was hacked with usernames and passwords of account holders compromised via third-party sites. Since the hacking incident happened not long ago, it remains to be a furiously debated topic among techies. Close to 300 accounts were compromised and sensitive personal data was stolen. That’s when Dropbox woke up to the reality that it definitely needs to tighten the screws on security to avoid encountering another hacking incident. Finally, after a month, Dropbox has come up with a two-step verification process for all its accounts.

To enable or not to enable, that’s the question.

Before we go about the enabling process, let’s make one thing very clear. The two-step verification process is still in its experimental phase. So, you need to make sure that you’re comfortable dealing with a software that may at times run into unexpected problems. Dropbox is planning to release the verification process in a phased manner to all users soon. Although the verification process is optional, it’s highly recommended as this process gives accounts an extra layer of protection. The two-step verification process makes sure that each account holder keys in 2 sets of verification codes while trying to sign in. This, the company suggests, will keep user accounts safe.

How does the verification process work?

The two-step verification process can be enabled rather easily. Once you enable the two-step verification process in your Dropbox account, which would otherwise be disabled, you would be asked to reenter your current password to confirm your verification decision. After enabling, you’d be given a choice of receiving your security code either as a text message or through a mobile app. Each option comes with its own set of virtues. If you own a smartphone, going in for the mobile app would serve you better while if you are a non-smartphone user, then choosing to receive a standard text message will work.

Choose to receive the security code as a text message:

• All you need is a cell phone that can receive text messages.
• While setting up the two-step verification process, you need to select the ‘use text message’ option.
• Provide the phone number that you’d be using to receive authentication messages.
• You will then receive a security code as a text message.
• All you need to do now is verify your phone number and key-in the security code when requested.
• Every time you sign in to your Dropbox account, you will receive a text message on your verified phone number.

Choose to receive the security code using a mobile app:

• Any application that supports time-sensitive one time password protocol can be used to sign in to your Dropbox account.
• At present, Dropbox extends support to Google Authenticator, Windows Phone 7 Authenticator and Amazon WS MFA running on Android only.
• To be able to use mobile app, you have to select ‘use the mobile app’ during verification process.
• You can authenticate the app by scanning the QR code or by manually entering the secret key in to your app.
• A security code will be generated by your mobile authenticator after configuring your app.

Another layer in the protection system:

Here’s another point that needs to be noted. Even before you enable the two-step verification process, a 16 digit backup code will be sent to you. You have to keep this backup code safe. If ever you lose your mobile phone and can’t receive any security codes, you can still access your Dropbox account by keying in this security backup code.

What makes it important?

We need to know why it’s important to enable this two-step verification. The verification process keeps your accounts safe

• Even if your password has been compromised.
• Even if you lose your mobile phone.
While this new two-step verification process doesn’t make your Dropbox account foolproof, it surely makes it harder for hackers to gain access to your account. Adding another layer of security is always welcome in this era of hacking and information theft. And no security measure is too stringent or too lenient. Being safe and secure is a good option even when you feel that the information is not sensitive enough to be guarded. All it takes is a small leak and a small link that can make you and your personal data vulnerable to hackers.

About Athor: 

This article has been brought to you by MyTechHelp – a leader in providing support across various products brands and tech devices for individuals and small businesses in need of instant tech help.apple tech support