Dropbox has embraced FIDO’s U2F standard. The cloud-based file storage service is now allowing users to add security keys for their accounts.
In a blog post, the company pointed to the improved security that two-step verification offers. “Security keys provide stronger defense against credential theft attacks like phishing,” the company wrote. “Even if you’re using two-step verification with your phone, some sophisticated attackers can still use fake Dropbox websites to lure you into entering your password and verification code… Security keys are designed to protect against these types of attacks.”
Dropbox users can now add their own security keys via their account settings. Once a security key is added, account access can only be gained via the entry of a password and the use of a USB security key.
In its blog post, Dropbox pointed users to the open U2F standard developed by the FIDO Alliance, pointing out that their security keys must adhere to it to ensure compatibility. Given the prominence of Dropbox, its support represents a significant validation of FIDO’s credibility.