Announcements
Do you have an idea for Dropbox Paper? Share it with us!

default

no

Highlighted

How important is two-step verification?

Dropboxer
Dropboxer

Two-step verification, two factor authentication, using SMS to login to your account; these are all the same thing.

For the sake of simplicity, we’ll just call it 2FA in this article.


Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

5 Replies

Re: How important is 2FA?

Dropboxer
Dropboxer

Remind me again, what’s 2FA?


When you login to the site, normally you only need your email address and your password. 
 
2FA is an extra step to login, either by sending you an SMS message or using an authenticator app to generate a PIN.
 
This secures your account so only you can login to your account, since you have access to the phone number, and the authenticator.
 
Even if a person has your email and password, and attempts to login, they’ll need the extra code to actually view the account. If they can’t they’ll be met with an error message and need to start the process again.


Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: How important is 2FA?

Dropboxer
Dropboxer

Sounds great! Why is this feature optional?

Not everyone has a mobile phone, and for some, this is too much of a hassle to use your phone to login to Dropbox.

By making it optional, users have a choice whether or not to go for it. Given that a lot of people carry their phone everywhere, and pay it more attention than their children in front of them…

Sorry, got side-tracked a bit…

Anyway, users have their devices with them, so it can be a quick and easy way to secure the account with 2FA.


Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: How important is 2FA?

Dropboxer
Dropboxer
Cool, I guess if I lose my phone you can help me?

Umm, no, that’s not how this works.
 
Losing access to your 2FA source (either a 3rd party app or SMS) can happen in a few ways:
 
Method
App
SMS
Losing your mobile phone
x
x *
Upgrading your mobile phone (via a carrier/contract expiry)
x
x*
Selling it and forgetting to disable the authenticator app
x
 
Uninstalling the authenticator app
x
 
Switching cellphone/mobile network providers and getting a new phone number
 
x
Factory reset of your phone
x
 
Loss of mobile signal, due to hardware issues, or network issues
 
x **
Not receiving the SMS despite perfect signal
 
x **

 

x = Stops the app/SMS from working
x * = Rarely, phone providers won’t give you the same number as before, especially if you’re on a pay-as-you-go phone.
x ** = This is possible to resolve, either by contacting your carrier to see if there are issues with the network, your line, or even putting your SIM card in another phone.

Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: How important is 2FA?

Dropboxer
Dropboxer
Remind me why you can’t reset my password when I have 2FA enabled?
 
If you just used your email and password, then you could simply visit the password reset page and get it over with a simple click in the link sent to your email. 
 
However, 2FA is special in that you are in control of your own security. Basically, you don’t trust that an email and password alone could secure your account, so you added 2FA. 
 
For the same reason, we can’t reset your password for you, just because you say you own your email address. Otherwise, what’s the point of the extra security?
 
You need to use the emergency backup code to access the account. This is in the form of 8 random lowercase letters and numbers. For example:
 
r028j657
 
You actually get 8 backup codes, of which the original code is a part of. 
 
If you don’t remember where you stored your backup code, or never wrote it down, immediately login to your account and print another set of the backup codes.
 
Even if you’re certain you have it stored safely away, a second copy won’t hurt.
 
Note that the codes from the security page above are written as r028 j657. When you enter the code on the site to login, make sure to remove the space.
 
Once a code has been used up, it can never be used again. You can regenerate your codes on the site, but until then just remember which one you've used already.

Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: How important is 2FA?

Dropboxer
Dropboxer

tl;dr 

I can’t state this enough.

The emergency backup code is the only way to login to your account when you lose your 2FA app or SMS phone number.

Even we can’t grant you access to the account on our end. 

Another major mistake people make is taking a screenshot of the backup code, or pasting it into a text document, and then moving that file to their Dropbox account…

Of course, I don’t need to tell you about this Catch 22 situation.

We care deeply about the security for your Dropbox accounts, it’s only fair that you take care of the backup code when applying extra security on your end.


Jay
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...
Manage Account

Have a question? Our Dropbox Community is here to help!

Post your question or search for an answer below.


Learn more about using the Community by reading our Community Guidelines.


Hi anonymous,

If you need more help you can log a ticket with our Support Team here (expected response time 24 hours), or contact us on Twitter or Facebook.

For more info on available support options, see this article.

If you found the answer to your question, please 'like' the post to say thanks to the user!

How important is two-step verification?
3,174 Views
5 Replies
25 Likes
Dropbox Design Research
Looking for Dropbox Paper users

If so, we're starting a design feedback group and we'd love for you to be a part of it. We have paid feedback opportunities - both in person and remotely - for English speaking users based in the US.

Interested? Take the short survey to let us know.

Take the survey
Who's talking
Top contributors to this post