With an aim to further strengthen account security, Dropbox has added support for Universal 2nd Factor (U2F) security keys as for two-factor login. Security keys provide stronger defense against credential theft attacks like phishing.
U2F security keys are physical objects that you place in a USB drive, which follows an open standard from the FIDO Alliance. In order to log in with this method, users must place their key into the USB when logging in to a site. This U2F key can then be set up with your Dropbox account and any other U2F-enabled services, such as Google. By using cryptographic communication, securitykeys will only work when you are signing in to the legitimate Dropbox website.
“After typing in your password, just insert your key into a USB port when you’re prompted, instead of typing in a six-digit code. And unlike two-step with a phone, you’ll never have to worry about your battery going dead when you use a security key.”
posted Dropbox Patrick Heim and Jay Patel in a blog.
After you receive your security key go to the Security tab in your Dropbox account settings and click Add next to Security keys. Currently, the new login security feature is only available through a Chrome web browser.