14 DAY TRIAL // As you may have heard by now, some seven million Dropbox credentials have been dumped on the Internet, much to everyone’s exasperation. The company has denied being hacked, pointing the finger to third-party services instead.
Some 420 username and password pairs went public on Pastebin, but the poster says there are 6,937,081 entries in the database, which will get published if Bitcoin donations are made.
Whether or not the money will be raised or not remains to be seen, but if the entire data trove is dumped on the Internet, then this will be a massive safety issue for Dropbox.
Change your password
That being said, it’s probably safe to say that it’s high time you changed your password. Dropbox has announced that all passwords revealed so far have been automatically reset, which means that people should be getting some sort of notification via email.
Since this is most likely the next big phishing scheme, namely messages from “Dropbox” advising you to reset your password, make sure that you don’t follow links sent via emails. Instead, simply open up a new tab, type in the Dropbox address on your own, log in and make sure that the SSL lock is set in the address bar above.
Once you’re logged in, click on your name in the top right area, go to Settings and choose the “Security” tab. From there, pick the “Change password” option.
Make your password safe
You’ll have to type in your current password and then the new one. For the new one, Dropbox will show you on the side of the text box just how safe the password you chose is by filling in several blue lines.
Make sure the password is lengthy, contains lower and upper case letters, numbers and even other symbols. Also, you’ll have to make sure it’s something you can remember, like an inside joke, something that amuses you and so on. Experts agree that they should have at least eight characters, but if you think you can remember more, then go ahead and try that on.
Enable two-step verification
You should also make sure to enable two-step verification. Then, even if your password is somehow leaked or something figures it out, they won’t be able to get into the account without getting their hands on your mobile device.
Dropbox offers two options for those who want to enable two-step. The first is sending you codes via text messages on your phone, while the second involves using a mobile app.
One example for such a tool is Google’s authenticator. All you have to do is launch the app, click the set up a new account and use the app to scan the barcode that Dropbox provides on the screen. You’ll soon have to enter the security code generated by the mobile authenticator app, which is only there for a limited time span, for confirmation.
Dropbox will then offer to get your phone number too, in case the first app stops working. As a last resort, it will provide an emergency backup code to disable two-step verification and access your account.
