Keep your Dropbox secure

Security

The next time you visit Dropbox.com, you may be asked to create a new password. Why? Back in 2012 the cloud storage firm was hacked, and while it thought only email addresses had been stolen, new evidence has come to light that user passwords were compromised, too. So if you’ve been using Dropbox since that time but haven’t updated your password, the company advises you to do so ASAP.

Despite the unfortunate incident, Dropbox has implemented a thorough threat-monitoring analysis and investigation, and has found no indication that user accounts were improperly accessed. However, this doesn’t mean you’re 100 percent in the clear.

What you need to do

As a precaution, Dropbox has emailed all users believed to have been affected by the security breach, and completed a password-reset for them. This ensures that even if these passwords had been cracked, they couldn’t be used to access Dropbox accounts. However, if you signed up for the platform prior to mid-2012 and haven’t updated your password since, you’ll be prompted to do so the next time you sign in. All you have to do is choose a new password that meets Dropbox’s minimum security requirements, a task assisted by their “strength meter.” The company also recommends using its two-step authentication feature when you reset your password.

Apart from that, if you used your Dropbox password on other sites before mid-2012 — whether for Facebook, YouTube or any other online platform — you should change your password on those services as well. Since most of us reuse passwords, the first thing any hacker does after acquiring stolen passwords is try them on the most popular account-based sites.

Dropbox’s ongoing security practices

Dropbox’s security team is working to improve its monitoring process for compromises, abuses, and suspicious activities. It has also implemented a broad set of controls, including independent security audits and certifications, threat intelligence, and bug bounties for white hat hackers. Bug bounties is a program whereby Dropbox provides monetary rewards, from $216 up to $10,000, to people who report vulnerabilities before malicious hackers can exploit them. Not only that, but the company has also built open-source tools such as zxcvbn, a password strength estimator, and bcrypt, a password hashing function to ensure that a similar breach doesn’t happen again.

To learn more about keeping your online accounts secure, or about how you can protect your business from today’s increasing cyber threats, give us a call and we’ll be happy to help.

Published with permission from TechAdvisory.org.

Previous Blogs

Benefits of a Privately Hosted Exchange Server

Benefits of a Privately Hosted Exchange Server

When clients decide that it’s time to retire their aging, on-premise Exchange servers, questions often come up on where to go with their next Exchange server.  With few exceptions, the answer is the cloud due to uptime requirements for email flow and minimal cost...

read more
Data Center Upgrade and Move Announcement

Data Center Upgrade and Move Announcement

Russell Technologies has exciting news to share. We are upgrading and moving our primary data center in St. Louis, moving it from 210 N Tucker to 710 N Tucker. After almost 6 years in 210 N Tucker, this was not a decision that we made easily, but the move gives us...

read more
Security policies for your business

Security policies for your business

Businesses rarely address cybersecurity in their company policies. With cybercrimes becoming more prevalent, it’s important you inform staff about the threats they could be exposed to. Make sure your business and employees are safe with these security policies. Internet In today’s business world, employees spend a lot of time on the internet. To ensure they’re […]

read more