Dropbox is a major player in cloud storage, which is a low-cost option for those who need large amounts of storage and don’t want to haul around multiple external drives to do so. It is becoming preferred largely amongst small businesses and even big ones as well.
Recently, Dropbox announced on its blog that it has had a security leak, and although it only affected a few users, the data is out of the users’ hands as it is not stored locally. “A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam. We’re sorry about this, and have put additional controls in place to help make sure it doesn’t happen again,” Dropbox engineer Aditya Agarwal said on its blog.
Some of the new features Dropbox is implementing to prevent security leaks in the future include:
1. Two-factor authentication, a way to optionally require two proofs of identity (such as your password and a temporary code sent to your phone) when signing in. (Coming in a few weeks)
2. New automated mechanisms to help identify suspicious activity. They’ll continue to add more of these over time.
3. A new page that lets you examine all active logins to your account.
4. In some cases, they may require you to change your password. (For example, if it’s commonly used or hasn’t been changed in a long time)
“At the same time, we strongly recommend you improve your online safety by setting a unique password for each website you use. Though it’s easy to reuse the same password on different websites, this means if any one site is compromised, all your accounts are at risk,” Agarwal added, stressing the need for security not only on Dropbox, but on all websites that require a username and a password.