has Dropbox been hacked?

Many iPhoneographers use cloud-based storage service Dropbox to store, transfer, and share photos. Many iPhone photo apps integrate seamlessly with Dropbox. You’ve probably got them enabled. It’s easy and convenient.

Overnight, multiple websites have picked up the story that Dropbox had been hit by a “massive hack of 7,000,000 accounts”. Dropbox denies that they’ve been hacked, claiming that these passwords were stolen from other, unnamed, third-party services.

In light of some other, recent high-profile hacks, here are a few things you can do right now to protect yourself:

I first read about this here on Cult of Mac. Click the link to read more about this breach.

Although Dropbox says that that the vast majority of the effected passwords “have been expired for some time now,” there’s no telling for certain if yours is one of the compromised passwords until it’s too late. The sooner you act, the greater your chances of avoiding or minimizing damage. Here are a few steps you can take to protect yourself and your data in this breach.

Dropbox security settings, how to change your dropbox password

Change Your Password Now

In your Dropbox > Settings > Security, change your password now. Change it to something strong. Longer passwords with a mix of upper and lower case letters, numbers, and symbols such as “#”, “_”, and “!” are good. Long, unique, random passwords are better. lifehacker has an excellent post on creating strong passwords and why passwords that would pass muster a few years ago are easily cracked today.

In fact, Dropbox may have already taken this step for you. Last night, shortly after I logged into my Dropbox dashboard with my old password, I found my password had been reset by Dropbox while I was attempting to change it. It’s best to check now to avoid any surprises later.

Use a Unique Password for Each Website

Don’t recycle your passwords across the web. Use a different password for each website you need a login for. Once a hacker has your login and password credentials, they’ll try the combination on other websites. They know many of us use the same info across different services. This is one of the easiest ways data can be compromised.

Enable 2-Step Verification on Dropbox and Other Web Sites

Have Dropbox (and other websites that offer this feature, such as Google and Facebook) send your phone a text message every time a new device or app tries to access your account. Yes, it’s a pain in the a**. So is having your data compromised. But if you’re like me, when are you ever really far from your iPhone?

Think You’ve Been Compromised? Check Your Dropbox for Unauthorized Apps and Devices

… and remove them. In your Dropbox > Settings > Security then scroll down a bit to Devices and Apps Linked. From here, you can easily remove any app or device that looks suspicious. It’s also a good time to cull Dropbox access to all of those long-deleted photo apps that cluttered up your Dropbox.

Change Your Passwords Regularly

Don’t rotate them or switch out a number or two. Change them completely. Do this regularly.

Use a Password Safe to Create and Store Your Passwords

I’ve been using 1Password on both my iPhone and my Macs for years. The built-in password generator makes it easy to create long, random passwords. 1Password for Mac integrates seamlessly with Safari, Firefox, and Chrome browsers. For other applications, there’s a handy menubar item where I can copy and paste my passwords without revealing them.

1Password 5 for iOS now has a widget that integrates with iOS Safari. Sync between iPhone and desktop has been reliable and painless for me. The new version of the iOS app allows you to unlock the password vault with Touch ID on supported devices. Although I can’t pronounce most of my passwords now, in real life, I only have to remember one password.

Both apps are pricey, but for me reducing the inconvenience of having to remember a ton of passwords like “72PNafFAzJjNZ” more than justifies the investment.

You can try 1Password for iOS free. The free version is a very useful password vault. $9.99 unlocks the Pro features. The Mac and Windows versions have a free trial period on the AgileBits website or you can purchase 1Password for mac from the Mac App Store, link below.

1Password – Password Manager and Secure Wallet for Mac |

1Password – Password Manager and Secure Wallet for iOS |

Once again, there are dark corners of the internet and there are people who are going to try and hack your accounts. 7 million passwords stolen may seem like a faceless crime until you find your account is one of the millions. Surf safe out there.