Advertisement
Tech

Dropbox forces password reset for longtime users

Dropbox says no user accounts have been breached, but it’s better safe than sorry.

Photo of Andrew Couts

Andrew Couts

Article Lead Image

Use Dropbox? If so, now would be a good time to reset your password. 

Featured Video

In a company blog post published on Thursday, Dropbox head of security Patrick Heim said the company will be automatically resetting the passwords for anyone who signed up for the cloud storage service before mid-2012 and hasn’t changed their password since. 

The reason for the forced password reset, writes Heim, is the discovery of “an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe was obtained in 2012.”

“Based on our threat monitoring and the way we secure passwords, we don’t believe that any accounts have been improperly accessed,” adds Heim. “Still, as one of many precautions, we’re requiring anyone who hasn’t changed their password since mid-2012 to update it the next time they sign in.”

Advertisement

Anyone who falls into the potentially affected category will receive a prompt to reset your Dropbox password. Even if you don’t fall into the category of affected users, there’s no harm in updating your password anyway, just in case—as long as your new password is nice and strong.

To ensure you have a strong password, choose a random string of letters (capitalized and uncapitalized), numbers, and symbols, which are more difficult for password crackers to figure out. You can also use a password manager, like LastPass, although those too can be hacked. Or you can always incorporate some 19th century slang to really mix things up.

Once you’ve done that, go ahead an enable two-factor authentication, which will better ensure that nobody but you can gain access to your files.

 
The Daily Dot