Have you enabled 2-step Authentication?

Dropbox is in the spotlight again in an alleged breach where thousands of user and password were leaked to the world, but according to Dropbox their infrastructure wasn’t breached. This leads many to believe that these were grabbed in a phishing attempt or infected computer.

I’m not going to talk about what happened to Dropbox, but more about what you the user can do. If you haven’t already, you should enable your 2 step verification that Google offers. By doing so, depending on the method you choose, Google will send you an SMS with the 6 digit code to enter once you’ve made an attempt to login, or if you use the authentication app, you will be able to use that and have a 6 digit code generated, making it very hard for someone else then you to login in the future.

If you’re interested to know more and want information, you should definitely check out Google 2 step verification page; http://www.google.ca/landing/2step/

There’s always PRO’s and CON’s about anything. With 2 step verification you ensure there’s a second layer before entry is allowed to your information, but in the event you did lose your smartphone and wanted to gain access, it would be as much of a pain for you and anyone else to regain access.
In the case of Dropbox, I’ve enabled the 2 step verification that the system offers. This means that anytime I want to login to Dropbox, my email and my password will require me to confirm with a 6 digit authentication code before access is granted. Many other services offer this level of security; Facebook, PayPal… Just to name some.

Lifehacker provides a nice little of services where you can enable 2 step verification; http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now

The PRO’s outweigh the CON’s in a lot of cases and usually people are happy they did so. Granted, you may not have instant access and you may be delayed by a few seconds, but is it really worth the risk of not doing so and having all your dirty little secrets exposed?

It’s important to know that this isn’t a “FOOLPROOF” system and using a strong password is highly recommended as well.



Comments