cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Question about two-step verification

Labels:

Question about two-step verification

stalkerski
Explorer | Level 3
‎02-10-2023 02:33 PM

Two-step verification, when connected Security keys how to remove the authorization method through the Authentication Application since it is no longer necessary and even lose the level of protection

Labels:
  • 0 Likes
  • 10 Replies
  • 1,015 Views
0 Likes
10 Replies 10

Walter
Dropbox Staff
‎02-10-2023 03:05 PM

Hey @stalkerski, welcome to our Community and thanks for using Dropbox!

 

Can you please clarify what exactly you'd like to accomplish here?

 

Do you want to disable the Authentication App as a way to log into your account since you're using security keys now, am I getting this right? 

 

Let me know more and we'll take it from there. 

Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

0 Likes

stalkerski
Explorer | Level 3
‎02-10-2023 03:18 PM

yes, you understood me correctly, because e. keys is considered the highest level of security, and it seems to me that its meaning is lost or a less secure way to unlock an account remains active. it's like coming up with a password for an account where you can go through authorization without a password.

0 Likes

Walter
Dropbox Staff
‎02-10-2023 04:00 PM

So, in this case, you can change from using an authenticator app to receiving an SMS text to access your account or disable the feature in general. 

 

Can you give this a go through your account's Security page and let me know if it helps @stalkerski?

Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

0 Likes

stalkerski
Explorer | Level 3
‎02-10-2023 04:04 PM

the way via sms is even older than through the application. no function free app and sms leave only U2F

0 Likes

Walter
Dropbox Staff
‎02-13-2023 08:22 AM

Thanks for your feedback on this @stalkerski - it's been noted in our system.

 

Let me know if you have anything else to add. 

Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

0 Likes

Enc
New member | Level 2
‎03-16-2023 05:25 AM

Security Keys like YubiKeys are not a gimmick. They are meant to increase security by replacing less secure methods of 2FA.

The current process at dropbox forces me to have an SMS key or Authenticator app to use 2FA. Even when I add security keys SMS/Authenticator can not be removed. Therefore I cannot replace the less secure method with Security keys. Subsequently, security is not improved or even reduced, by allowing more methods.

 

The suggestion is to allow only e.g. two security keys and disable all other 2FA methods. This ties the account to physical tokens and makes exploitation of access impossible.

0 Likes

Nancy
Dropbox Staff
‎03-16-2023 12:11 PM

Thanks for your suggestion, @Enc

 

Just a clarification; do you receive the 2FA code via SMS/Authenticator app, even if you add a security key as a 2FA method?

 

Let me know, and we'll take it from there.

Nancy
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

0 Likes

Jay
Dropbox Staff
‎03-24-2023 03:30 AM

Hi @Enc, are you available to respond to my colleague's message earlier?

Jay
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join!

0 Likes

Enc
New member | Level 2
‎03-24-2023 05:10 AM

I can choose what I can use as 2FA method. But I would like to get rid of the less secure method of SMS and only have security keys available. 

I am not receiving an SMS if I didn't choose. But an attacker that is able to intercept the SMS can choose the SMS during his authentication. 

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Megan Dropbox Staff
  • User avatar
    Enc New member | Level 2
  • User avatar
    Jay Dropbox Staff
  • User avatar
    Nancy Dropbox Staff
What do Dropbox user levels mean?