Visit Us

Cyber Security

Dropbox Bumps Up Security with New USB Key Login

 

DropboxSecurity

Cybersecurity is a top priority for organizations, with both new and legacy technologies susceptible to hacking. Just last year, premier cloud file-sharing services Dropbox and Box exposed their data through publicly shared leaks, leaving their users vulnerable. It seems no one is safe.

But this week Dropbox announced that it will let users log in to their accounts with USB keys as a form of second factor authentication.  According to the Dropbox blog, it works like this: “After typing in your password, just insert your key into a USB port when you’re prompted, instead of typing in a six-digit code. Unlike two-step with a phone, you’ll never have to worry about your battery going dead when you use a security key.”

There are different types of authentication that Dropbox could have chosen to pursue. The USB constitutes two-factor authentication, which provides identification of users by combining two components, such as something that the user knows, something that the user possesses (in this case the USB) or something that is inseparable from the user (like biometric data).

Authentication is generally categorized three ways:

  1. What-you-know

The most basic method of encryption is a single sign-on password. This falls under “what you know” because people memorize their password.

  1. What-you-have

This next level of authentication validates a user based on an object they possess, like a USB drive or smartphone. Generally these are used in addition to a personal password. For example, a dongle (like a USB) can provide passwords that constantly change, so you can be sure that a hacker can’t guess it. Alternatively, entering a single sign-on password could prompt a text message to your smartphone, which provides another code that you then enter to complete the sign-in process. A third option, and this is what Dropbox is doing, is to insert a USB into your computer after entering your single sign-on password to complete your login.

  1. What-you-are

The most intensive layer of authentication involves biometric data, like retinal scans or fingerprint analysis. Behavior such as speech patterns or inflection could also be used to enable access to a system. A great example of “what you are” is the thumbprint login feature on the new Apple iPhone 6.

Dropbox already lets users use two-factor authentication with a code that’s sent to a phone. Although the USB isn’t the most futuristic form of access management, it will help get the job done for Dropbox’s new business customers charged with keeping their company’s data safe from hackers.

email

Kabbage Team

The Kabbage Team is here to not only fund the small business loans you need, but to help you grow your business through free marketing tips, webinars, tools and more. Is there something you'd like us to cover or want to get your small business featured on our blog? Send us a note at content@kabbage.com.

Latest posts by Kabbage Team (see all)