News:

You're miserable, edgy and tired. You're in the perfect mood for PD.com.

Main Menu

PSA: Change your Dropbox password.

Started by Pæs, October 14, 2014, 02:45:12 AM

Previous topic - Next topic

Pæs

A bunch of valid username/passwords have been released on internets with claims they came from Dropbox and there are up to 7 million more to come.

Dropbox have just responded by force-resetting a bunch of passwords but best to get in early and reset your password yourself in case there's any downtime between release and Dropbox reset.

Also, if you use the same password in a lot of places, please don't do that and change those as well.

Doktor Howl

Sounds like a slow night in China.   :lol:
Molon Lube

Mesozoic Mister Nigel

Quote from: Pæs on October 14, 2014, 02:45:12 AM
A bunch of valid username/passwords have been released on internets with claims they came from Dropbox and there are up to 7 million more to come.

Dropbox have just responded by force-resetting a bunch of passwords but best to get in early and reset your password yourself in case there's any downtime between release and Dropbox reset.

Also, if you use the same password in a lot of places, please don't do that and change those as well.

Great.  :kingmeh:
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Pæs

Looks like the passwords may have been sourced from third-party services, rather than from Dropbox itself. Still probably a good opportunity to change your password.

Passwords are annoying.

ñͤͣ̄ͦ̌̑͗͊͛͂͗ ̸̨̨̣̺̼̣̜͙͈͕̮̊̈́̈͂͛̽͊ͭ̓͆ͅé ̰̓̓́ͯ́́͞

Quote from: Pæs on October 14, 2014, 03:17:49 AM
Passwords are annoying.

Very true, until you get a password manager.

1Password was the best $35 I spent all year.
P E R   A S P E R A   A D   A S T R A

Faust

#5
Where's the compromised list? those normally end up on pastebin, wouldn't mind checking if mine is there.

Full list isn't up, a random sample from the B's

We'll guess it's time to change the password, again.
Sleepless nights at the chateau

Pæs

Full list hasn't been released.

What it looks like this was, and what Dropbox is claiming it is, is a list of passwords compromised elsewhere, then checked against Dropbox users so they could pretend they stole them from there.

They release a small sample of these user/password combos and asked for bitcoin to release the rest (which they aren't likely to have many of).

If you want to check whether your email has been included in recent password dumps, check out https://haveibeenpwned.com/