Dropbox has just added two-step verification feature to enhance the security of Dropbox accounts. From now onwards, two levels of authentication will be required, i.e., password, and a security code that will either be texted to the user’s mobile phone or generated by a mobile authenticator app. This app will be available for iOS, Android, Blackberry and Windows Phone 7. Users can go to the new Security tab in their Dropbox account settings and enable two-step verification in the ‘Account sign in’ section.

This is definitely a step towards customer security, following a hacker attack, where hackers got a hold of users’ email addresses and started sending spam e-mails from various sources. Last month Dropbox users started seeing more spam in their inboxes, including many who have opened e-mail accounts exclusively to sign up for a service. That led to an internal investigation and eventually the company found out how hackers got a hold of users’ email addresses: an employee with access to that information apparently fell victim to a phishing scam with a much smaller reach than the follow-up attack. The Dropbox team also stated that a stolen password was used to access an employee Dropbox account which contains a project document with user email addresses. The team stated that they’re doing everything they can to keep this from happening again. As announced earlier, it has now added the two-step verification, wherein users can turn on the option of requiring two proofs of identity. Although this dual verification step is definitely useful, we would again suggest using tougher passwords on their accounts, not repeatedly use it on other accounts, and never disclose it to anyone.