Dropbox is designed from the ground up with security in mind. We make sure your data is safe and secure by providing multiple layers of protection as well as controls you can enable to meet your security needs.
From the admin console, you can adjust team-wide settings. For example, you can set the ways your users authenticate to Dropbox, control and limit where your data can be stored, require 2FA when signing in, change default sharing settings, and add or remove team members.
You can also review activity logs to make sure your team’s Dropbox accounts are being used the right way, or take advantage of automated log analysis with industry-leading SIEM apps. Admins on Dropbox Enterprise teams will also receive security alerts when certain events are detected.
See something that doesn’t look right? You can disconnect any app, or remotely sign out and wipe a device, with a click.
While we take comprehensive measures to protect your data, you play a key role, too. By creating unique, strong passwords for each website, app, and online account you use—and changing them regularly—you’ll help keep your Dropbox account and other accounts safe.
A secure password is one that’s hard for a stranger to guess. Don’t use common words or a derivative of personal information, such as your name, the name of a family member or pet, or phone numbers, addresses, or birthdates. Uncommon words work well, but only if you use several together. The following tips will help you create unique, secure passwords. Try to use a combination of some (or all) of the below:
Uppercase and lowercase letters, symbols, and numbers
Non-standard uppercasing (for example, "uPPercasing")
Non-standard word spelling (for example, "spellllllling")
Personal slang words
Non-obvious numbers and symbols (note: using "$" for "s" or "0" for "o" is fairly common and likely not enough of a security measure)
Multi-factor authentication, (which includes two-step verification and two-factor authentication) adds an extra layer of security to your account. With this feature turned on, team members need a six-digit security code as well as their username and password to sign into their account or to link a new computer, phone, or tablet. Users can have the codes sent to their phone in text messages or generated by a mobile app like Google Authenticator or Duo Mobile. Dropbox also offers the option of using a security key, rather than six-digit codes, for two-step verification. Security keys offer extra protection against phishing attacks and are convenient to use.
As an admin, you can require your team to use two-step verification. With this extra measure, company data stays safe even if a device is lost or stolen, or a password gets compromised.
1. Sign in to dropbox.com.
2. Click your avatar (profile picture or initials) in the top-right corner.
3. Click Settings.
4. Select the Security tab.
5. Toggle Two-step verification to On.
- If you see Managed by single sign-on under the Security tab, your team uses single sign-on (SSO). This means you might not be able to use two-step verification with Dropbox.
6. Click Get started.
7. Re-enter your password.
8. Choose if you want to receive your security code by text message or mobile app. Click either Use text messages or Use a mobile app and follow the prompts.
9. Enter a security code to complete the setup (you'll receive it either via text message or authenticator app, depending on the method you entered).
10. Click Next.
Note: If you use an authenticator app to receive your verification codes, please add primary and secondary backup phone numbers.
Dropbox Business team admins can require all or some team members to use two-step verification. You can do this through the admin console or your identity management provider if you use single sign-on (SSO). Each team member has to enable two-step verification on their own account. However, you can request that members enable this feature, and then ensure that it stays on once enabled.
1. Sign in to dropbox.com with your admin credentials.
2. Click Admin Console in the left sidebar.
3. Click Settings in the left sidebar.
4. Under Authentication settings, check Require two-step verification.
5. Select whether you'd like to require two-step verification for some or all team members.
6. Click Confirm.
7. If you've selected Require for specific members, enter the email addresses of the team members you'd like to use two-step verification, and then click Proceed.
If you accidentally delete a file or save a new version of a file you’re not happy with, rest easy. Dropbox securely stores copies of your deleted files and folders for a certain period, including previous versions of files. To instantly recover a file—or restore it to a previous version—visit dropbox.com.
If you’re an admin on an Advanced or Enterprise plan, you can sign in as another user on your team. You can do this to troubleshoot issues like file recovery, set up a new employee account, or keep a project moving while team members are away.
1. Sign in to dropbox.com.
2. Click All files in the left sidebar.
3. Hover over or select the correct file and click “…” (ellipsis).
4. Select Version history.
5. Select a version to preview.
6. Click Restore on the version you'd like to restore.
1. Sign in to dropbox.com.
2. Click Deleted files in the left sidebar.
3. Locate the deleted file or folder you want to recover, and click on its name.
4. Click Restore.