Multiple reports today that up to seven million Dropbox passwords have been acquired by hackers. However, Dropbox says you’re safe and their servers were not breached. Stay tuned.
From a Dropbox Blog Post:
The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.
To Do Today
1. Change your Dropbox password
2. Regardless of what did or did not happen this is yet another example of why you should utilize the two step authorization feature Dropbox and others offer that can make passwords much more difficult for those who obtain them to use.
Does it mean that a password can not be used if stolen? No. However, it’s a major roadblock you can put in place to thwart off someone who might want to use it.
How do you enable Dropbox 2 step verification? Details and links here
Here’s a list of a growing number of web services that offer two step (aka two factor) authorization. The extra security is worth the minimal effort.