Dropbox introduces USB key verification for two-step login

The Dropbox Universal 2nd Factor (U2F) security keys adds an additional security measure for two-step verification, providing Dropbox users with a stronger authentication protection.

In an apparent move to improve online security, cloud storage service Dropbox has announced in a Wednesday blog post that it is adding another two-factor verification tool — Universal 2nd Factor (U2F) security keys.

After typing in their password, users will be able to insert their key into a USB port rather than typing in the six-digit code as per usual.

Anxious about the security of your Dropbox files, even if you use two-step verification? The U2F doesn’t add any protection at all to the data residing on Dropbox’s servers, which despite being encrypted, is still susceptible to attack and breach by those who hold Dropbox’s encryption keys. In order to log in with this method, users must place their key into the USB when logging in to a site.

This is different from two-factor login with a phone since you don’t have to worry about the battery dying out when you opt for the USB security key instead.

Dropbox has not always been associated with privacy, and Edward Snowden has been very vocal about the firm and its practices. Users can then use that U2F key by setting it up with their Dropbox account. You’ll need to use Chrome for now, as Safari isn’t supported yet. “Turn on two-factor authentication, which we provide for all our users”, said Patrick Helm, Dropbox head of trust and security. Don’t worry – you’ll still have the option to use two-step verification through text message or an authenticator app.