In mid-July, a few hundred Dropbox users started to receive spam emails for online gambling sites. Though some did not realize the connection, others started to figure out that these spammers got their information from Dropbox. Two weeks later, Dropbox confirmed that it had been hacked and that these computer scammers had taken several hundred usernames and passwords to access Dropbox user accounts. The majority of the users were from Europe, but the issue is all the same. To help boost security, Dropbox began configuring better security options to ensure that users still felt secure while using cloud storage.
The Two-Factor Authentication Upgrade
Dropbox has upgraded their security and now offers a two-factor authentication. This system will make it harder for hackers to access individual Dropbox accounts and make it virtually impossible for them to gain access to user credentials. As one of the most popular cloud storage services on the Internet, Dropbox is hoping that their two-factor authentication will keep them running and popular, especially now that hundreds of users have seen that online storage has a few security flaws.
How it Works
Dropbox’s new two-factor authentication will require a cellphone device that can receive SMS text messages. Once users have turned on the additional security service for their Dropbox accounts, they will then have to enter a password and a texted security code that is sent directly to their mobile phone associated with their cloud storage account. Users will first have to upgrade their desktop Dropbox version to the 1.5.12 release. The security feature itself is optional; therefore, users must log in to their Dropbox accounts and visit the “Security” tab in order to activate it. From there, users will be required to enter their mobile phone number so that they can receive the six-digit security passcode that is sent via SMS to their phone.
If a user loses their phone, he or she will still be able to access Dropbox. The two-factor authentication has a backup 16-digit code that will be used for users who no longer have access to their cellphones or who have changed their numbers.
[Image via channelweb]