How can I customize security for my Dropbox team?

Updated Mar 25, 2024
person icon

The information in this article applies to all Dropbox customers.

We understand that you need to keep your organization’s information safe, which is why we’ve designed Dropbox with a number of physical and technical security measures. If you’re an admin on a Dropbox team, you have access to features that allow you to customize security to your particular needs.

User provisioning

Users can be invited to a Dropbox team manually by sending an email invite from the admin console, or automatically by integrating with an existing Active Directory or LDAP deployment through one of our identity management providers.

Sharing permissions

Admins can control whether team members are able to share items with people outside the team, and set different rules for shared folders and shared links. If sharing outside the team is enabled, members will still be able to make individual folders or links “team only” as needed.


Single sign-on (SSO) allows you to put your existing identity provider in charge of authentication. Two-step verification can also be enabled to add an extra layer of security. In addition, admins can reset passwords for individual users or the entire team.

Session control

Admins can remotely sign team members out of web sessions and devices and revoke third-party app access for any team members.

Password control

Admins can set password requirements or reset passwords for their teams.

Enabling password control will log out all team members, notify them of new password requirements, and prompt them to reset their passwords.

Admins can also choose to reset passwords for all of their team members. This will prompt each team member to choose a new password the next time they log in to Dropbox. The option to reset all passwords is available in the password control section of the admin console.

Connecting personal and work Dropbox accounts

Admins can turn off team members’ ability to use our desktop application for both personal and work Dropbox accounts at the same time.

Transferring data during offboarding

When removing users from a Dropbox team, admins have the ability to transfer their data to another user.

Remote wipe

If a device is lost or someone leaves the organization, admins can easily delete files and folders from computers and mobile devices once they come back online.


Admins can generate activity reports at any time for events related to passwords, logins, admin actions, apps, devices, sharing, and membership. Reports are available for individual users or entire team accounts and can be downloaded in CSV (comma-separated values) format for analysis with SIEM (Security Information and Event Management) tools.

To learn more about our Control and Visibility solutions, see the Dropbox Trust Guide.

Was this article helpful?

We’re sorry to hear that.
Let us know how we can improve.

Thanks for your feedback!
Let us know how this article helped.

Thanks for your feedback!

Community answers

Other ways to get help