In the early 2000s, cloud storage was becoming a thing, not just in the business world but also in the consumer realm. Back then, people still used email to send files to themselves for easy access in different locations, or they used clunky USB drives to carry around their digital assets. When Dropbox came with its free 2GB for easy access anywhere on any device, the hassle was about to disappear.
Dropbox is a pioneer in file hosting, with 15 years of activity under its belt. The service isn’t without controversy, having suffered issues including security breaches and privacy concerns. That said, the service is now significantly more focused on user privacy and security than ever.
Today, we’re going to look at Dropbox’s handy Security Checkup feature and how you can use it to deadbolt your account.
First things first: Dropbox needs a current email address so you can get into your account if you ever forget your password. Be sure you can always access this email for password resets, and so on. If you recently switched to a different email address, be sure to hit that Change button and let the guys at Dropbox know.
This is more important than some people believe. Dropbox is a safe and reliable service overall, but it also favors convenience, which means you stay logged in, even on multiple devices at once, unless you intentionally log out. If any of the instances in that list no longer apply – or worse, look unfamiliar –sign out of them.
Sometimes it’s easy to forget what apps and services have access to other apps and services that you use. Having used Dropbox since its inception in 2007, some users will be surprised to see it still tied to old apps or different online accounts that once integrated with the service. Like with devices and browsers, be sure to unlink any apps or services that no longer work, are outdated, or you no longer want tied to Dropbox for whatever reason.
If you haven’t gone through Security Checkup in a while, it’s a good idea to update your password now. It’s advisable to change your passwords periodically anyway, so if unlinking apps or devices was long overdue, now’s the time to make sure none of those relics can still access your Dropbox. Make it at least eight characters in length, using uppercase and lowercase letters, and throw in a number or a special character (#$%& etc.) for good measure.
Note that even after you change your password, any existing sessions, devices and apps can still access your Dropbox. So you need to sign out of those devices and browsers or revoke access to those apps to start anew.
Dropbox’s wording makes it sound like two-step verification is just nice to have, albeit recommended. Realistically speaking, though, it’s pretty much mandatory in today’s threat landscape. Also known as two-factor authentication (2FA), this extra security layer has become crucial for virtually any online service out there. Be sure to have it on and use a phone number you currently can access (preferably your main number).
The Security Settings module in Dropbox offers advanced options for dead bolting your account, such as getting security codes to use when you can’t access your phone, or requiring a physical key to sign in.
Be sure to pay a visit to Dropbox’s Security Checkup soon if you haven’t done so in a while. As a general rule, you should do the same for every service that offers a security checkup tool and be sure to turn on two-step verification if you haven’t already. It more than just nice to have. Even if your password is somehow compromised, two-step verification can still keep prying eyes out of your Dropbox.