Worried about the security of your Dropbox files, even if you use two-step verification? Dropbox has your back now with a new USB key-based system to ensure that you are the only one able to access your files in the Dropbox cloud.
“Today,” Dropbox writes on its website, “we’re adding Universal 2nd Factor (U2F) security keys as an additional method for two-step verification, giving you stronger authentication protection.”
Security keys are super easy to use — simply plug in the USB drive when you sign into Dropbox, instead of using a texted six-digit code, which some sophisticated hackers can intercept using fake Dropbox websites and phishing techniques. As long as you have physical access to your USB key, and you know your password, you’ll get into Dropbox.
These USB keys provide cryptographic verification that you’re signed into the real Dropbox website, as well, offering yet a third layer of protection against phishing.
You’ll need to grab a USB security key for about $20 that conforms to the FIDO Alliance standards for these devices. It can work with Dropbox as well as any other U2F-enabled services like Google (who co-created the standard with startup security company,Yubico).
Once you get the USB key, you can go to the Security tab in Dropbox account settings and click Add next to Security Keys. You’ll need to use Chrome for now, as Safari isn’t supported yet. If you don’t want to use Chrome, or have left your key at home, say, you can still use the regular text message-based two-step verification system.