Dropbox Forces Some Users to Reset Passwords; Cites Leaked Credential Cache

Advertisement
By Tasneem Akolawala | Updated: 26 August 2016 20:17 IST
Highlights
  • Users registered before mid-2012 will be asked to reset their passwords
  • Those who haven't changed their password since then will also be asked
  • This is due to a hacked file obtained by its intelligence team
Dropbox Forces Some Users to Reset Passwords; Cites Leaked Credential Cache

Dropbox has sent out password resets to all of its users that have signed up for the service prior to mid-2012, or not changed their password since that time. The company asserts that no accounts have been hacked, and the reset is being done as "purely a preventative measure".

The cloud storage company elaborates that measure is being taken after its intelligence team obtained an old set of Dropbox credentials (email addresses as well as hashed and salted passwords that may have been leaked in an 'incident' in 2012, referring to the massive Linkedin hack that year. The usernames and passwords stolen in the Linkedin hack, were used to sign in to many Dropbox accounts as well at that time. This obtained file also links back to the LinkedIn hack, and Dropbox is taking preventive measures to stop it from reoccurring. This file was held quietly for many years, but as it surfaced again, Dropbox wants all of its old users to reset their passwords.

Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time. Based on our threat monitoring and the way we secure passwords, we don't believe that any accounts have been improperly accessed. Still, as one of many precautions, we're requiring anyone who hasn't changed their password since mid-2012 to update it the next time they sign in.

If you are a Dropbox user, we recommend you to change your password anyway, even if you've registered for the service post 2012. Users who joined Dropbox before mid-2012, or who haven't changed their password since then, will get a password reset prompt automatically when they next sign in. Just follow the steps to change password, and ensure that you have strong password for added security (Dropbox has a password strength meter, use a mix of letters, numerals, and symbols). For users who haven't received a prompt, head to this page, enter registered email ID, and click the link that you receive in email to enter your new password.

Advertisement

Dropbox even asks users to enable two-step verification for added security. In order to enable this, sign-in to Dropbox, and head to Settings > Security > Enable Two-Step Verification. This will add OTP as an added process every time you log-in. In 2014, Dropbox faced its first massive leak. An anonymous hacker got hold of roughly 7 million usernames and passwords and posted them all on PasteBin. However, Dropbox refused to acknowledge the leak, and claimed that the usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Oppo Reno 14 Pro 5G Launched in India Alongside Reno 14 5G: See Price
  2. Oppo Reno 14 5G Series Launching Today: All You Need to Know
  3. OnePlus Buds 4 Key Features Revealed Ahead of July 8 India Launch
  4. Vivo X Fold 5, Vivo X200 FE to Launch in India On This Date
  5. Honor MagicPad 3 Launched With 165Hz Display, These Features
  6. Nothing Teases Release of Android 16-Based Nothing OS 4.0 Update
  7. Maa OTT Release Date Reportedly Revealed: When and Where to Watch it Online?
  8. Amazon Prime Day 2025 Sale: Discounts, Bank Offers Teased
  9. Honor Watch 5 Ultra With eSIM Support, ECG Tracking Launched
  10. Infinix Hot 60 5G+ Leaked Images Provide a Glimpse at New Side Button
  1. Google Chrome Update Patches Security Flaw That Granted Attackers Access When Users Visited Malicious Websites
  2. Google Is Bringing Gems to the Gemini Side Panel in Gmail, Docs, and Other Workspace Apps
  3. Meta Verified Users Claim ‘Useless’ Customer Support Amid Account Bans Despite Paying for Subscription
  4. Vivo X Fold 5 and Vivo X200 FE India Launch Date Set for July 14
  5. Infinix Hot 60 5G+ Leaked Images Show Off New Side Button, Triple Rear Cameras
  6. Microsoft Cancels Perfect Dark, Shuts Down Developer The Initiative in Widespread Xbox Cuts
  7. Google Updates Android TV Home Screen With Four New Promotional Category Tabs: Report
  8. Google Veo 3 Video Generation Model Comes to India, Available to Paid Subscribers
  9. North Korean Hackers Use NimDoor macOS Malware to Target Web3, Crypto Platforms
  10. Oppo Reno 14 Pro 5G Launched in India With MediaTek Dimensity 8450 SoC Alongside Reno 14 5G
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.