Securing Dropbox Business access
with cost-effective U2F
Easy to deploy, simple to use, physical 2nd factor security
Key-ID FIDO U2F keys work with Dropbox Business’s two factor authentication log-on process, which is easy to activate within the Admin Console. Because the U2F standard is supported natively by compatible web browses there’s no other set-up required. Users simply self-register, and then use, a unique cryptographic USB key to access their account by tapping its button when prompted during log-in.
Easy to deploy
Enable the ‘Require two-step verification’ option for your team in your Dropbox Business Admin console’s authentication settings. This can either be done for all team members, or on a user-by-user basis.
Team members will be required to set up two-step verification the very next time they sign-in to Dropbox, when they can self-register their keys.
That’s it! Stronger security, greater user convenience and easy deployment.
Dropbox Business team admins can reset a user’s two-step verification setting if they don’t have their key, or back-up alternatives, with them.
Simple to use
When signing-in to Dropbox users are prompted to insert their FIDO key into a USB slot and press the button. That’s it!
No drivers or software to install for FIDO U2F compatible browsers, including Chrome and Opera.
No manual typing of random codes or need for a mobile phone or SMS messaging.
The same key can also be used to secure account access to other FIDO complaint online services, such as Google’s G Suite and Salesforce.com. Attaching the U2F key to a keyring ensures it’s always on hand when needed.
Why 2 factor security?
Usernames and passwords just aren’t enough; known data breaches have impacted hundreds of millions of accounts while new phishing and man-in-the-middle threats are emerging all the time. FIDO U2F authentication provides far greater account protection by requiring the additional verification of a unique physical key that uses highly secure embedded public key cryptography, making them effective against ‘time-of-use‘ phishing attacks which can capture other 2-step authentication responses (including OTP codes).