Dropbox users may be receiving a prompt to change their passwords. According to Dropbox, this is a precautionary measure for users who have been using the service since 2012 but have never changed their passwords. Four years is a long time.
Security experts recommend:
- Use strong passwords, which should be at least 8 characters long and include numbers and special characters
- Secure your passwords in an encrypted file, password manager, or online/offline security service
- Do not reuse passwords across multiple services or logins
- Change them immediately if you notice anything suspicious
- Change them every year or so just in case, and do not just increment the numbers. “Pas$word1” to “Pas$w0rd2” is not good. You aren’t fooling anyone.
- Set up multi-factor authentication (e.g., a password plus another form of verification) on valuable accounts like bank access
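The length, character and "do not just increment" recommendations above can be checked automatically when a user changes a password. This is an added example, not code from Dropbox or from the original post; the substitution table, the 0.8 similarity threshold and the function names are assumptions.

```python
import difflib
import re

# Constructed, non-exhaustive map of common character swaps to undo before comparing.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "$": "s", "@": "a", "!": "i"})
SIMILARITY_LIMIT = 0.8  # assumed threshold; tune for your own policy


def skeleton(password: str) -> str:
    """Reduce a password to its base word so cosmetic edits compare as equal."""
    base = re.sub(r"\d+$", "", password.lower())  # drop a trailing counter ("1", "2016")
    base = base.translate(LEET)                   # undo swaps such as o -> 0, s -> $
    return re.sub(r"[^a-z]", "", base)            # keep letters only


def check_new_password(new: str, old: str) -> list[str]:
    """Return the recommendations the new password breaks (empty list = passes).

    Both values are in hand only during a change-password request, where the
    user types the old and the new password; no stored plaintext is needed.
    """
    problems = []
    if len(new) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"\d", new):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", new):
        problems.append("no special character")
    ratio = difflib.SequenceMatcher(None, skeleton(new), skeleton(old)).ratio()
    if ratio >= SIMILARITY_LIMIT:
        problems.append("only a small variation of the previous password")
    return problems


if __name__ == "__main__":
    # Constructed sample pairs: (new password, previous password).
    samples = [("Pas$w0rd2", "Pas$word1"), ("Summer2016!", "Summer2015!"),
               ("abc", "Pas$word1"), ("correct-horse-7battery", "Pas$word1")]
    for new, old in samples:
        print(f"{old} -> {new}:", check_new_password(new, old) or "ok")
```
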
Your passwords protect your data, system, reputation, and online identities. If you are responsible and handle them carefully, you will minimize risks of being a victim.
Interested in more? Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.
Is a sequence (123... abc... qwerty and so on) easier to be broken? Are there attempts made by computers that consider these possibilities first? I have no idea how to crack a password, but I'd like to understand it, so that I can minimize the chance, while keeping my passwords as simple as possible.
Yes, good password crackers will use lists of well-known passwords and test against them first. Then dictionary attacks and variations on them. Finally they will set about to do letter and special character combinations. So yes, the 'easy' passwords get broken extremely fast.
Consider moving to a passphrase, which is longer but meaningful. Lyrics to a song or your favorite line from a show, with numbers switched for letters as an example.
Matt,
Do you have any preferences in a password manager? I'm typically using KeePass, but wondered if you had a different recommendation.
https://steemit.com/steemit/@gikitiki/usine-keepass-to-secure-your-wallet-with-strong-passwords
It all depends on what you are looking for. KeePass has a good reputation. I like that it is managed by the user and not by others or a cloud service. But it is not as user-friendly as some of the more feature-rich password managers. I would try out a few from trustworthy companies who are in the security business. That way they will work to keep it updated.
Interesting article! I just got my e-mail stating I needed to take this precautionary measure.
Take it as seriously as the data you have stored in your Dropbox. If it is information you don't want destroyed, in the public, or tampered with in any way, I suggest making a strong password.
Who uses Dropbox anymore? Seriously!??