NOTICE: Dropbox breach is reminder to change passwords, use two-factor
Tuesday, September 6, 2016
Recent news reports of exposed Dropbox passwords offer a good reminder to protect your personal accounts as well as your university accounts.
If You Have a Dropbox Account
If you have a personal Dropbox account, you should change your Dropbox password and consider setting up two-step verification.
Dropbox passwords from 2012 have been exposed and made available on the Internet. Dropbox is notifying its users and prompting those with affected passwords to change them. To protect your Dropbox account:
Note: The university does not have an agreement with Dropbox and does not offer Dropbox accounts. If you use Dropbox, you have a personal account.
Protect Your Personal Accounts
Follow these best practices to protect all your personal accounts, including Facebook, Twitter, and so on.
- Use a unique password for each account. Do not re-use your UMICH password for personal accounts.
- Change your password for each of your personal accounts at least once a year.
- Turn on two-factor authentication or two-step verification whenever it is available. That way, even if your password is compromised, your account is still protected. Check the documentation and online support for each service for details.
References
- I’m being asked to create a new password on dropbox.com—why, and what should I do? (Dropbox Help Center)
- Hack Brief: 4-Year-Old Dropbox Hack Exposed 68 Million People’s Data (Wired, 9/31/16)
- 68 Million Dropbox Accounts Hacked And That's Why You Need To Change Your Password Now (Tech Times, 8/31/16)
- Resetting passwords to keep your files safe (Dropbox Blog, 8/25/16)
- The Dropbox hack is real (Troy Hunt's Blog, 8/31/16)