Dropbox has begun public testing of two factor authentication prompted by a security leak recently

http://www.h-online.com/security/news/item/Dropbox-tests-two-factor-authentication-1676276.html

Well, that's good! I think....

"When activating two-factor authentication on Dropbox, the user also receives a 16-character emergency code that can be used if the user loses their mobile phone or runs into problems with the code generator. The emergency code should be kept in a safe place, out of the reach of hackers. It would be prudent not to store it in the same place as the Dropbox account password."

* I just hope no-one steals their phone!

most mobile os have some sort of remote find or wipe feature (may require third party app)

Hopefully, whoever gets it won't disable the remote wipe...