You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Ricky Tigg
6 months agoExplorer | Level 3
Six-digit security code involved in account login, although in settings the 2FA option is disabled
Good morning. By default, for the operation of connecting to a Dropbox account with a Dropbox Basic subcription, not only a password as a first authentication factor is required, but also an additional authentication, therefore a second, operating by sending a six-digit security code to the e-mail address attached to the account and the devices linked to it. I observe that there is an option to define as trusted the computer on which this connection operation takes place, in order to avoid receiving such a code.
Today, it's with great delay that I decide to investigate the underlying cause of this second factor of authentication being enabled, which brings me to the account settings. We see that the Two-step verification* option is disabled by default. As you may have already guessed, this leads me to wonder how a second authentication factor can then be involved in the login operation. I would appreciate an official justification for this practice. Greetings.
* Also known as two-factor authentication, 2FA.
- RichSuper User II
Ricky Tigg wrote:
We see that the Two-step verification* option is disabled by default.
What you're seeing isn't the usual two-step verification feature, which would use an authentication device such as a mobile phone. It's a one-time security code and Dropbox will request these anytime it doesn't recognize a device or feels the sign-in attempt may be suspicious.
- Ricky TiggExplorer | Level 3
So something unknown remains as to the usage protocol when the Two-step verification option is active, because none of the pages relating to the connection - https://help.dropbox.com/account-access/enable-two-step-verification and https://help.dropbox.com/account-access/one-time-code - mention it. Which unknown places the service user in the uncomfortable position of not knowing what to expect when connecting. I dare to speculate that the one-time security code would not be applied because it would then involve three authentication factors, which could be considered disproportionate.
About Security and Permissions
Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.
Need more support
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!