Dropbox Confirms User Info Stolen, Adds New Security
Dropbox confirmed that some user accounts and passwords were compromised a few weeks ago, including a Dropbox employee account with a project document containing email addresses. With that, Dropbox has contacted those users and is working on several new security measures to prevent future security issues.
Keeping Dropbox secure is at the heart of what we do, and we’re taking steps to improve the safety of your Dropbox even if your password is stolen, including:
- Two-factor authentication, a way to optionally require two proofs of identity (such as your password and a temporary code sent to your phone) when signing in. (Coming in a few weeks)
- New automated mechanisms to help identify suspicious activity. We’ll continue to add more of these over time.
- A new page that lets you examine all active logins to your account.
- In some cases, we may require you to change your password. (For example, if it’s commonly used or hasn’t been changed in a long time)
– Dropbox Blog
Dropbox recommends its users use different passwords for their bank, email, and various websites, and to use a secure password management tool, such as 1Password. I personally recommend and use LastPass, but would switch for that has an Android App for free.