I would like to suggest for sharing of 3rd party client files and folders a more robust form of authentication - such as 2FA (two factor authentication) or higher . This would assist practitioners like myself in the legal area where client confidentiality is a mandatory requirement. It also has implications for other industries I imagine. The reason this arose was a client of mine sent me an email to which enclosed was a shared link that I could access by just opening the email. It granted me access to a previous lawyer's shared folder without any authentication gateway. Potentially this is fraught with danger. Another provider Adobe uses a form of 2FA to access its software via a Mobile App.
1. Could something similar not be utilised for dropbox shared folers that ensures that only the client or authorised persons can access?
2. Could we as the Principal determine the level of authentication required?