Backups are necessary because data has value. You never know when your hard drive that contains this data is going to crash. Cloud backups solutions can help you securely store your data in the cloud, but what if these services themselves get hacked?
Enabling two-factor authentication adds an extra layer of protection, thus giving you peace of mind. Therefore, it’s necessary to choose a cloud backup service that supports two-factor authentication. If you still doubt its importance, here are a few incidences when such services have experienced a security breach in the past.
Cloud Backup Services as Victims of Security Breaches
In 2014, almost 500 private photos of various celebrities were leaked via a breach in Apple’s cloud backup service, iCloud. It was revealed that the leak was accomplished using targeted phishing attacks.
In 2012, a Dropbox hack resulted in the leak of emails and passwords of a large number of users. Four years later, it was revealed that almost two-thirds of its customers have been affected by the leak.
In 2016, a large number of Carbonite users were targeted in a password reuse attack. The company had to send out emails to its customers with instructions to reset their password.
As you can see, cloud backup services have been a prime target for hackers. Two-factor authentication ensures that you’re the only person who can access your account, even if someone knows your password. So, let’s see what cloud backup services support two-factor authentication, and how you can enable it.
Turning on 2FA helps you secure your iCloud account. Once enabled, you’ll be able to access your iCloud account only from your trusted devices. You will need an iOS device or a Mac to enable it.
Here’s how to turn on 2FA if you’re using an iOS device:
- Open Settings > iCloud.
- Tap your Apple ID at the top of the screen.
- Tap Password & Security > Turn on Two-Factor Authentication.
If you’re using a Mac, here’s how to enable 2FA:
- Open System Preferences.
- Navigate to iCloud > Account Details.
- Switch to the Security tab.
- Tap Turn on two-factor authentication.
Note that 2FA is only available to iCloud users with at least one device that’s using iOS 9 or OS X El Capitan or later. If your device is incompatible, you can still use two-step verification, which relies on a text message sent to a phone number. To learn more about it and to enable it, head over to Apple’s support page.
Backblaze is one of the cheapest options available for unlimited backups. It provides automatic and scheduled backups. Loyal users would be glad to know that it supports 2FA.
Here’s how to turn it on:
- Sign in to your Backblaze account.
- Click My Settings in the left-hand pane.
- Click Sign in Settings.
- Enter your password and phone number.
- Click the Send Code button.
- Check your phone for the text message containing a six-digit verification code. Enter this code in the Settings Page and click Verify.
Two-factor verification should now be successfully enabled for your Backblaze account.
Box stores your files online and lets you access them from any device. The company claims that it is equipped with enterprise-grade security. It supports 2FA using SMS verification codes.
Here’s how to enable it:
- Sign in to your Box account.
- Click on your profile name in the upper right-hand corner and click Account Settings.
- Navigate to the Security tab and check the Login Verification box.
- Enter your mobile number.
- Check your phone for the text message containing a 6-character alphanumeric code.
- Enter this code in the Confirmation Code box and click Confirm.
Now every time you log in from a new browser, you will be sent a verification code to your mobile phone. You’ll be required to enter this code to log in successfully.
Note that if your account has Single Sign-On (SSO) enabled, you will not be able to enable two-step verification.
There’s no denying that Dropbox popularized the idea of cloud backup to the masses. Despite dozens of alternatives popping up, it’s still one of the best cloud storage services you can get today. One of the prime reasons is that it has remained fairly competent.
For instance, it supports two-step verification like most other players in the game. But alongside SMS-based tokens, it actually goes even further by supporting hardware as well as software tokens.
Here’s how to turn on two-step verification in Dropbox:
- Sign in to your Dropbox account.
- Click your avatar at the top of the page and then click Account.
- Switch to the Security tab.
- Toggle Two-step verification to On.
- Click Get Started.
- Enter your password.
You can also use any FIDO Universal 2nd Factor (U2F) enabled security key like YubiKey that authenticates you with Dropbox and signs you in securely. To learn more about it, visit Dropbox’s support page.
Google Drive is tightly integrated with other Google services. It provides a hassle-free way to back up your data to the cloud and lets you access your files from anywhere. When it comes to security, it can deliver two-factor authentication codes via SMS or over a voice call. It also supports software-based tokens like Google Authenticator and hardware security keys like YubiKey.
Here’s how to turn on two-factor authentication for Google Drive:
- Sign in to your Google account.
- Head over to Google’s two-step verification page. Click Get Started.
- Enter the mobile number you’d like to use to receive the verification code.
- Check your phone for the text message and enter it in the settings page.
- Now click Turn On.
Once you’ve set up two-factor authentication, you’ll be asked to use a second verification step. Here, you can choose to use the Google prompt, Authenticator app, voice or text message, or backup codes. Perhaps the most convenient option is Google prompt, so it’s the default second-step verification method. However, you can change it if you want.
OneDrive is Microsoft’s take on cloud storage service. As you’d expect, it’s baked tightly into Windows 10 and other Microsoft services. If you’re deep into the Microsoft ecosystem, using it is a no-brainer. It supports 2FA via software-based and SMS-based tokens.
Here’s how to turn it on:
- Head over to Microsoft’s Security page and log in with your Microsoft account.
- Select More security options.
- Click Set up two-step verification to turn it on.
- Follow the instructions to continue the process.
Two-step verification should be successfully enabled for your OneDrive account now.
Other Services That Support Two-Factor Authentication
Aside from these well-known services, many other cloud backup services support two-factor authentication for enhanced security. Frostbox and Koofr support 2FA via software-based tokens like the Google Authenticator app. Nimbox supports 2FA via SMS, email and software-based tokens. Sync and Syncalogy support 2FA via email and software-based tokens.
No Support for Two-Factor Authentication Yet
Some cloud backup services do not support two-factor authentication yet citing various reasons. Among them are CloudApp, IDrive, SugarSync, and SpiderOak.
SpiderOak is currently not offering two-factor authentication to new users, as it is in the process of overhauling the service. The company says that when the new 2FA system is released, it’ll be available to all the users. If you’re using any of these 2FA-free cloud services, we recommend that you either make the shift to the cloud backup services that support 2FA, or raise a request to your provider asking them to support it.
Have You Enabled Two-Factor Authentication Yet?
There’s absolutely no reason why you shouldn’t enable two-factor authentication for your cloud backup services. Sure, it adds an extra step before login, but it safeguards your account and protects your sensitive data. Now that you’ve enabled 2FA for your cloud backup accounts, go and enable 2FA for all your gaming accounts too.
What do you think of two-factor authentication? Does your current cloud storage provider support it? We’d love to hear about it in the comments below.