Two-step verification is an extra layer of protection in addition to traditional password-based authentication to fight against hackers. Google, Facebook, and more are adopting the two-step verification feature to enhance security. Dropbox, the online cloud storage service, recently admitted that some of its user accounts were hijacked. In the same announcement, Dropbox announced that more security features, including two-step verification is coming soon for all users.

Dropbox has finally released two-step verification or two-step authentication to all Dropbox users. When you enable two-step verification, you will need to type a six-digit security code (which will either be texted to your mobile phone or generated by a mobile authenticator app) in addition to your Dropbox account password.

How do I enable two-step verification on my Dropbox account?

You can turn on two-step verification using the simple steps underlined below.

  1. If you haven’t yet signed in to your Dropbox account through Dropbox website, you’ll need to sign in first.
  2. On the upper-right corner, you will find your name, click on it to open account menu.
  3. From the account menu, click on Settings. After the settings page loads, select the Security tab.
  4. Scroll down to find the Account sign in section. You will find a setting for Two-step verification, (by default its set to disabled).
  5. Click on the (change) link to enable a wizard which will walk you through the process.


  6. Now, you will be presented with two options. You can either choose to use text messages or you can use a mobile application.


  7. If you select use text messages option, you will need to give your mobile number which is capable of receiving text messages. Click next to continue and you should receive a text message from Dropbox with a security code. Enter the security code sent to you to verify your phone number.
  8. If you select the mobile app option, you can use either Google Authenticator (Android/iPhone/BlackBerry), Amazon AWS MFA (Android) or Authenticator (Windows Phone 7). These apps will generate a unique time-sensitive security code, which you can use to finish signing in to your Dropbox account.
  9. If you want to use a mobile app, you need to first either scan the generated QR code or click “enter your secret key manually” to manually enter a secret key into the app. Once the app is configured, you’ll need to verify setup by entering a security code generated by the authenticator app.
  10. Using an authenticator app is most reliable way to generate security codes. These apps will work even when you have no cellular coverage and you cannot receive text message. Very useful if you travel a lot or when cellular coverage is unreliable.
  11. Now comes a very vital step. Dropbox will give you a special 16-digit backup code. It is very important that you write this backup code and store it safely. This backup code will be the only way to get access to your Dropbox account if you ever lose your phone or can’t receive or generate a security code.


Generate security code from the command line (Mac/Linux/Unix)

Advanced Mac, Unix or Linux users can also generate security codes using the OATH tool.