Dropbox security

Dropbox is designed from the ground up with security in mind. We make sure your data is safe and secure by providing multiple layers of protection as well as controls you can enable to meet your security needs.

From the Security page, you can adjust team-wide settings. For example, you can set the ways your users authenticate to Dropbox, control and limit where your data can be stored, require 2FA when signing in, change default sharing settings, and add or remove team members. You can also review activity logs to make sure your team’s Dropbox accounts are being used the right way, or take advantage of automated log analysis with industry-leading SIEM apps.

See something that doesn’t look right? You can disconnect any app, or remotely sign out and wipe a device, with a click. 

More information

Get into the nitty-gritty of all the ways we help secure your data and PII (personally identifiable information), from encryption, distributed back-end infrastructure, and DLP (data loss prevention) partnerships, to customizable settings for both admins and end users.

Set a strong password

While we take comprehensive measures to protect your data, you play a key role, too. By creating unique, strong passwords for each website, app, and online account you use—and changing them regularly—you’ll help keep your Dropbox account and other accounts safe.

Password managers like 1Password can help you generate strong passwords, store them safely, and sign in easily to your accounts.

How strong is your password?

Use the Dropbox password strength estimator to test your password in our security checkup tool.

How to: create a strong password

A secure password is one that’s hard for a stranger to guess. Don’t use common words or a derivative of personal information, such as your name, the name of a family member or pet, or phone numbers, addresses, or birthdates. Uncommon words work well, but only if you use several together. The following tips will help you create unique, secure passwords. Try to use a combination of some (or all) of the below:

  • Uppercase and lowercase letters, symbols, and numbers

  • Non-standard uppercasing (for example, "uPPercasing")

  • Non-standard word spelling (for example, "spellllllling")

  • Personal slang words

  • Non-obvious numbers and symbols (note: using "$" for "s" or "0" for "o" is fairly common and likely not enough of a security measure)

Multi-factor authentication

Multi-factor authentication, (which includes two-step verification and two-factor authentication) adds an extra layer of security to your account. With this feature turned on, team members need a six-digit security code as well as their username and password to sign into their account or to link a new computer, phone, or tablet. Users can have the codes sent to their phone in text messages or generated by a mobile app like Google Authenticator or Duo Mobile. Dropbox also offers the option of using a security key, rather than six-digit codes, for two-step verification. Security keys offer extra protection against phishing attacks and are convenient to use.

As an admin, you can require your team to use two-step verification. With this extra measure, company data stays safe even if a device is lost or stolen, or a password gets compromised.


SSO

If you're the admin of a team on an Advanced or Enterprise plan, you can enable single sign-on (SSO) so your team can access their Dropbox accounts without remembering another password.

Set up multi-factor authentication

How to enable multi-factor authentication for your own account

1. Sign in to dropbox.com.
2. Click your avatar (profile picture or initials) in the top-right corner.
3. Click 
Settings.
4. Select the
Security tab.
5. Toggle
Two-step verification to On.
- If you see Managed by single sign-on under the Security tab, your team uses
single sign-on (SSO). This means you might not be able to use two-step verification with Dropbox.
6. Click
Get started.
7. Re-enter your password.
8. Choose if you want to receive your security code by
text message or mobile app. Click either Use text messages or Use a mobile app and follow the prompts.
9. Enter a security code to complete the setup (you'll receive it either via text message or authenticator app, depending on the method you entered).
10. Click
Next.

Note: If you use an authenticator app to receive your verification codes, please add primary and secondary backup phone numbers.

Learn more about two-step verification.

Require two-step verification for your team

Dropbox Business team admins can require all or some team members to use two-step verification. You can do this through the admin console or your identity management provider if you use single sign-on (SSO). Each team member has to enable two-step verification on their own account. However, you can request that members enable this feature, and then ensure that it stays on once enabled.

1. Sign in to dropbox.com with your admin credentials.
2. Click
Admin Console in the left sidebar.
3. Click
Settings in the left sidebar.
4. Under
Authentication settings, check Require two-step verification.
5. Select whether you'd like to require two-step verification for some or all team members.
6. Click
Confirm.
7. If you've selected
Require for specific members, enter the email addresses of the team members you'd like to use two-step verification, and then click Proceed.

Learn more about admin settings for two-step verification.

Restore & recover files

If you accidentally delete a file or save a new version of a file you’re not happy with, rest easy. Dropbox securely stores copies of your deleted files and folders for a certain period, including previous versions of files. To instantly recover a file—or restore it to a previous version—visit dropbox.com.

If you’re an admin on an Advanced or Enterprise plan, you can sign in as another user on your team. You can do this to troubleshoot issues like file recovery, set up a new employee account, or keep a project moving while team members are away.

How to: restore & recover files

How to restore previous versions of files

 

1. Sign in to dropbox.com.
2. Click All files in the left sidebar.
3. Select the file you'd like to access previous versions of.
4. Click
Version history in the menu on the right sidebar.
- Alternatively, you can click
 (ellipsis) beside your file's name to see more options.
5. Select a version to preview.
6. Click
Restore on the version you'd like to restore.

Note: On Windows and Linux, right-click the file and select Version history to preview and restore a previous version. On Mac, press control on your keyboard and simultaneously click the file to select View previous versions.

Sign in as another Dropbox Business team member to troubleshoot issues or restore file versions.

How to recover deleted files in Dropbox

1. Sign in to dropbox.com.
2. Click
Deleted files in the left sidebar.
3. Locate the deleted file or folder you want to recover, and click on its name.
4. Click
Restore.

Find out how long Dropbox stores versions of your files.

Learn how to recover files and folders.

How does deleting a shared folder affect other team members?

Up next: Onboarding your team

With your team space, sharing, and security settings ready, it’s time to start bringing team members on board. Next, learn how to make a plan for a smooth transition.