No one should be surprised... passwords and account leaks now happen constantly, but sometimes they might affect a popular service used by millions of users - like Dropbox. However, before you rush to change your password, you may want to reconsider unless you've been really careless about your passwords and use the same in every online service you use.
Someone posted a list of 400 alleged Dropbox user emails and passwords on Pastebin and claims top have nearly 7 million of those to publish - if people pay for it. But Dropbox has already said that info is not valid, and that they weren't hacked. That list of usernames and passwords most likely originated in some other online service, and now hackers are rushing to try that info in all the popular services they can think of: meaning... if you're on the list and use the same password for things like Twitter, Facebook, Gmail, etc. you're in trouble.
There's no excuse to use the same password in differente services (or similar one for the matter). Try out a password manager if you don't want to worry about memorizing dozens of passwords. And should a service allow it, enable 2-step (like Dropbox recommends), that sends you an extra security code via SMS or using an app like Google Authenticator (which you should be using already for your Google account.)
This time, if you're a Dropbox user that has reasonable care with your passwords, you should be safe... but that doesn't mean next time you'll be so lucky. Do make sure your password is safe, and 2-step is enabled, and at least you'll make it much less likely for someone to take over your account and data.
No comments:
Post a Comment