Dropbox security

Dropbox is designed from the ground up with security in mind. We make sure your data is safe and secure by providing multiple layers of protection as well as controls you can enable to meet your security needs.

From the Security page, you can adjust team-wide settings. For example, you can set the ways your users authenticate to Dropbox, control and limit where your data can be stored, require 2FA when signing in, change default sharing settings, and add or remove team members. You can also review activity logs to make sure your team’s Dropbox accounts are being used the right way, or take advantage of automated log analysis with industry-leading SIEM apps.

See something that doesn’t look right? You can disable or remote wipe any linked device and app, or suspend users with a click.

Set a strong password

While we take comprehensive measures to protect your data, you play a key role, too. By creating unique, strong passwords for each website, app, and online account you use—and changing them regularly—you’ll help keep your Dropbox account and other accounts safe.

Password managers like 1Password can help you generate strong passwords, store them safely, and sign in easily to your accounts.

How strong is your password?

Use the Dropbox password strength estimator to test your password in our security checkup tool.

How to: create a strong password

A secure password is one that’s hard for a stranger to guess. Don’t use common words or a derivative of personal information, such as your name, the name of a family member or pet, or phone numbers, addresses, or birthdates. Uncommon words work well, but only if you use several together. The following tips will help you create unique, secure passwords. Try to use a combination of some (or all) of the below:

  • Uppercase and lowercase letters, symbols, and numbers

  • Non-standard uppercasing (for example, "uPPercasing")

  • Non-standard word spelling (for example, "spellllllling")

  • Personal slang words

  • Non-obvious numbers and symbols (note: using "$" for "s" or "0" for "o" is fairly common and likely not enough of a security measure)

Two-step verification

Two-step verification (also known as 2FA or two-factor authentication) adds an extra layer of security to your account. With this feature turned on, you’ll need a six-digit security code as well as your username and password to sign into your account. You’d also need this code to link a new computer, phone, or tablet. You can have the codes sent to your phone in text messages or generated by a mobile app like Google Authenticator or Duo Mobile. Dropbox also offers the option of using a security key, rather than six-digit codes, for two-step verification. Security keys offer extra protection against phishing attacks and are convenient to use.

Require your team to enable two-step verification. With 2FA, company data stays safe even if a device is lost or stolen, or a password gets compromised.


SSO

If you're the admin of a team on an Advanced or Enterprise plan, you can enable single sign-on (SSO) so your team can access their Dropbox accounts without remembering another password.

How to: Set-up 2FA

  1. Sign in to dropbox.com.

  2. Click your avatar.

  3. Choose Settings.

  4. Select the Security tab.

  5. Toggle Two-step verification to On.

    - If you see Managed by single sign-on under the Security tab, your team uses single sign-on (SSO). This means you might not be able to use two-step verification with Dropbox.

  6. Click Get started.

  7. Re-enter your password.

  8. Choose if you want to receive your security code by text message or mobile app. Click either Use text messages or Use a mobile app and follow the prompts.

  9. Enter a security code to complete the setup (you'll receive it either via text message or authenticator app, depending on the preferred method you entered).

  10. Click Next.

Note: If you use an authenticator app to receive your verification codes, please add primary and secondary backup phone numbers.

Find detailed instructions on setting up 2FA using your mobile app or text messages.

Learn how to change your two-step verification phone number, add a secondary backup method, or use a security key device.

What do I do if I lost my phone or can't sign in using two-step verification?

Dropbox Business team admins can require all or some team members to use two-step verification. You can do this through the admin console or your identity management provider if you use single sign-on (SSO). Each team member has to enable two-step verification on their own account. However, you can request that members enable this feature, and then ensure that it stays on once enabled.

  1. Sign in to dropbox.com with your admin credentials.

  2. Click Admin Console.

  3. Click Settings.

  4. Under Authentication settings, check Require two-step verification.

  5. Select whether you'd like to require two-step verification for some or all team members.

  6. Click Confirm.

  7. If you've selected Require for specific members, enter the email addresses of the team members you'd like to use two-step verification, and then click Proceed.

Learn more about admin settings for two-step verification.

Restore & recover files

If you accidentally delete a file or save a new version of a file you’re not happy with, rest easy. Dropbox securely stores copies of your deleted files, folders, and Dropbox Spaces for a certain period, including previous versions of files. To instantly recover a file—or restore it to a previous version—visit dropbox.com.

If you’re an admin on an Advanced or Enterprise plan, you can sign in as another user on your team. You can do this to troubleshoot issues like file recovery, set up a new employee account, or keep a project moving while team members are away.

How to: restore & recover files

  1. Sign in to dropbox.com.

  2. Select the file you'd like to access previous versions of.

  3. Click Version history in the menu on the right sidebar.

    - Alternatively, you can click  (ellipsis) beside your file's name to see more options.

  4. Select a version to preview.

  5. Click Restore on the version you'd like to restore.

Note: On Windows and Linux, right-click the file and select Version history to preview and restore a previous version. On Mac, press control on your keyboard and simultaneously click the file to select View previous versions.

Sign in as another Dropbox Business team member to troubleshoot issues or restore file versions.

  1. Sign in to dropbox.com.

  2. Click Files in the sidebar.

  3. Click Deleted files.

  4. Locate the deleted file, folder, or Space you want to recover, and click on the name.

  5. Click Restore.

Find out how long Dropbox stores versions of your files.

Learn how to recover multiple files, folders, or Spaces.

How does deleting a shared folder or Space affect other team members?

Can I add it back?

Up next: Onboarding your team

With your team space, sharing, and security settings ready, it’s time to start bringing team members on board. Next, learn how to make a plan for a smooth transition.

 

How helpful was this article?

We’re sorry to hear that.
Let us know how we can improve:

Thanks for your feedback!
Let us know how this article helped:

Thanks for your feedback!