Conversations are being had by all around the Internet today about the latest online brand being tainted by claims of hacking….first it was Snapchat users accessing third party applications to save images, this time it is Dropbox.
Various tech related news sites went into overdrive across the day with news that a hacking group had released a few hundred usernames and passwords in plain text as a teaser for the leaking of more, should those interested contribute with Bitcoin donations.
Since then there has been no more additional accounts added and all of the listed accounts have had their passwords expired by Dropbox.
The company has released a statement on their blog to indicate that any usernames and passwords that have been leaked were obtained from other online sources and simply tested against Dropbox servers to find users who used a common combination on several websites.
As bad as it sounds, it is actually a good time to remind yourself about being smarter with login information online.
You should never ever use simple/common word combinations. All passwords should contain at least 8 characters, they should have letters and numbers at minimum but you are better off adding some characters in there as well.
Do not use the same email address & password across multiple websites, because if they manage to get your details on one site…they will try to use it on many.
Websites like Dropbox have a system called two factor authentication, which prevents people from logging into your account or adding new machines via the use of the desktop syncing apps without a confirmation code which can be received by text message or through an authentication program (like Google Authenticator or Duo Mobile) that you can download to your phone.