A bunch of valid username/passwords have been released on internets with claims they came from Dropbox and there are up to 7 million more to come.
Dropbox have just responded by force-resetting a bunch of passwords but best to get in early and reset your password yourself in case there's any downtime between release and Dropbox reset.
Also, if you use the same password in a lot of places, please don't do that and change those as well.
Sounds like a slow night in China. :lol:
Quote from: Pæs on October 14, 2014, 02:45:12 AM
A bunch of valid username/passwords have been released on internets with claims they came from Dropbox and there are up to 7 million more to come.
Dropbox have just responded by force-resetting a bunch of passwords but best to get in early and reset your password yourself in case there's any downtime between release and Dropbox reset.
Also, if you use the same password in a lot of places, please don't do that and change those as well.
Great. :kingmeh:
Looks like the passwords may have been sourced from third-party services, rather than from Dropbox itself. Still probably a good opportunity to change your password.
Passwords are annoying.
Quote from: Pæs on October 14, 2014, 03:17:49 AM
Passwords are annoying.
Very true, until you get a password manager.
1Password was the best $35 I spent all year.
Where's the compromised list? those normally end up on pastebin, wouldn't mind checking if mine is there.
Full list isn't up, a random sample from the B's
We'll guess it's time to change the password, again.
Full list hasn't been released.
What it looks like this was, and what Dropbox is claiming it is, is a list of passwords compromised elsewhere, then checked against Dropbox users so they could pretend they stole them from there.
They release a small sample of these user/password combos and asked for bitcoin to release the rest (which they aren't likely to have many of).
If you want to check whether your email has been included in recent password dumps, check out https://haveibeenpwned.com/