<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Why is it Ever Safe to Ignore Unprompted One-Time Security Code Emails? in Security and Permissions</title>
    <link>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/672359#M8000</link>
    <description>&lt;P&gt;According to&amp;nbsp;&lt;A href="https://help.dropbox.com/account-access/one-time-code" target="_blank" rel="noopener"&gt;https://help.dropbox.com/account-access/one-time-code&lt;/A&gt;&amp;nbsp;there are two versions of the "one time sign-in code" email.&lt;/P&gt;&lt;P&gt;They are identical except that one of them includes a link for "I didn't try to sign in," presumably to secure the user's account via resetting one's password and such, while the other simply says "If you didn't try to sign in, don't worry. You can safely ignore this email." Neither the email nor that help page elaborate on&amp;nbsp;&lt;EM&gt;why&lt;/EM&gt; it's safe to ignore the email, though.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;If I receive an email with a security code and I haven't tried to sign in at all recently, wouldn't it always mean someone else is attempting to sign in to my account? Furthermore, because the code is only sent if you type the correct email and password, wouldn't it mean that this person has my Dropbox account password? I'd think that would always be cause for alarm, even if they weren't actually able to get into the account.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;So what's the difference? In what circumstances is one of those two emails sent vs the other?&lt;/P&gt;</description>
    <pubDate>Wed, 29 Mar 2023 16:00:42 GMT</pubDate>
    <dc:creator>Shadowmech</dc:creator>
    <dc:date>2023-03-29T16:00:42Z</dc:date>
    <item>
      <title>Why is it Ever Safe to Ignore Unprompted One-Time Security Code Emails?</title>
      <link>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/672359#M8000</link>
      <description>&lt;P&gt;According to&amp;nbsp;&lt;A href="https://help.dropbox.com/account-access/one-time-code" target="_blank" rel="noopener"&gt;https://help.dropbox.com/account-access/one-time-code&lt;/A&gt;&amp;nbsp;there are two versions of the "one time sign-in code" email.&lt;/P&gt;&lt;P&gt;They are identical except that one of them includes a link for "I didn't try to sign in," presumably to secure the user's account via resetting one's password and such, while the other simply says "If you didn't try to sign in, don't worry. You can safely ignore this email." Neither the email nor that help page elaborate on&amp;nbsp;&lt;EM&gt;why&lt;/EM&gt; it's safe to ignore the email, though.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;If I receive an email with a security code and I haven't tried to sign in at all recently, wouldn't it always mean someone else is attempting to sign in to my account? Furthermore, because the code is only sent if you type the correct email and password, wouldn't it mean that this person has my Dropbox account password? I'd think that would always be cause for alarm, even if they weren't actually able to get into the account.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;So what's the difference? In what circumstances is one of those two emails sent vs the other?&lt;/P&gt;</description>
      <pubDate>Wed, 29 Mar 2023 16:00:42 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/672359#M8000</guid>
      <dc:creator>Shadowmech</dc:creator>
      <dc:date>2023-03-29T16:00:42Z</dc:date>
    </item>
    <item>
      <title>Re: Why is it Ever Safe to Ignore Unprompted One-Time Security Code Emails?</title>
      <link>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/672371#M8003</link>
      <description>&lt;P&gt;Hi &lt;SPAN style="background: var(--ck-color-mention-background); color: var(--ck-color-mention-text);"&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1652814"&gt;@Shadowmech&lt;/a&gt;&lt;/SPAN&gt;, thanks for using Dropbox and welcome to the Community!&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I'm not quite concrete on this, so let me check with the team and I'll get back to you on that ASAP.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Let me know if you have any other questions in the meantime.&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 29 Mar 2023 06:09:51 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/672371#M8003</guid>
      <dc:creator>Walter</dc:creator>
      <dc:date>2023-03-29T06:09:51Z</dc:date>
    </item>
    <item>
      <title>Re: Why is it Ever Safe to Ignore Unprompted One-Time Security Code Emails?</title>
      <link>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/674724#M8206</link>
      <description>&lt;P&gt;Any luck,&amp;nbsp;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/364291"&gt;@Walter&lt;/a&gt;?&lt;/P&gt;</description>
      <pubDate>Wed, 05 Apr 2023 22:35:18 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/674724#M8206</guid>
      <dc:creator>Shadowmech</dc:creator>
      <dc:date>2023-04-05T22:35:18Z</dc:date>
    </item>
    <item>
      <title>Re: Why is it Ever Safe to Ignore Unprompted One-Time Security Code Emails?</title>
      <link>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/675149#M8232</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1652814"&gt;@Shadowmech&lt;/a&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks for reporting this issue, and for your patience while I looked into the matter.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I brought this to the attention of the appropriate team. I understand that the messages can be confusing without further context, and as such we are actively exploring options for clearer messaging around login attempts. I can't share the exact logic behind the different messages, but I can assure you that they represent an appropriate approach to account security.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Regards,&lt;/P&gt;
&lt;P&gt;Ben&lt;/P&gt;</description>
      <pubDate>Fri, 07 Apr 2023 17:13:54 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Security-and-Permissions/Why-is-it-Ever-Safe-to-Ignore-Unprompted-One-Time-Security-Code/m-p/675149#M8232</guid>
      <dc:creator>BenDBX</dc:creator>
      <dc:date>2023-04-07T17:13:54Z</dc:date>
    </item>
  </channel>
</rss>

