Home
Internet
Internet News
Dropbox Forces Some s to Reset s; Cites Leaked Credential Cache

Dropbox Forces Some s to Reset s; Cites Leaked Credential Cache 3r4k3g

By Tasneem Akolawala | Updated: 26 August 2016 20:17 IST

Highlights

s ed before mid-2012 will be asked to reset their s
Those who haven't changed their since then will also be asked
This is due to a hacked file obtained by its intelligence team

ment

Dropbox has sent out resets to all of its s that have signed up for the service prior to mid-2012, or not changed their since that time. The company asserts that no s have been hacked, and the reset is being done as "purely a preventative measure". 193d4q

The cloud storage company elaborates that measure is being taken after its intelligence team obtained an old set of Dropbox credentials (email addresses as well as hashed and salted s that may have been Linkedin hack, were used to sign in to many Dropbox s as well at that time. This obtained file also links back to the LinkedIn hack, and Dropbox is taking preventive measures to stop it from reoccurring. This file was held quietly for many years, but as it surfaced again, Dropbox wants all of its old s to reset their s.

Our security teams are always watching out for new threats to our s. As part of these ongoing efforts, we learned about an old set of Dropbox credentials (email addresses plus hashed and salted s) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time. Based on our threat monitoring and the way we secure s, we don't believe that any s have been improperly accessed. Still, as one of many precautions, we're requiring anyone who hasn't changed their since mid-2012 to update it the next time they sign in.

If you are a Dropbox , we recommend you to change your anyway, even if you've ed for the service post 2012. s who ed Dropbox before mid-2012, or who haven't changed their since then, will get a reset prompt automatically when they next sign in. Just follow the steps to change , and ensure that you have strong for added security (Dropbox has a strength meter, use a mix of letters, numerals, and symbols). For s who haven't received a prompt, head to this page, enter ed email ID, and click the link that you receive in email to enter your new .

Dropbox even asks s to enable two-step verification for added security. In order to enable this, to Dropbox, and head to Settings > Security > Enable Two-Step Verification. This will add OTP as an added process every time you log-in. In 2014, Dropbox faced its first massive leak. An anonymous hacker got hold of roughly 7 million names and s and posted them all on PasteBin. However, Dropbox refused to acknowledge the leak, and claimed that the names and s were unfortunately stolen from other services and used in attempts to to Dropbox s.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.