Dropbox Cops to Security Breach, Pledges Measures to Prevent Another
It’s good that Dropbox is admitting the security breach, and it’s taking fixing the immediate problem as well as enacting measures to ensure that it doesn’t happen again.
First, Dropbox contacted affected users and “helped them protect their accounts”. Coming within weeks will be a two-factor authentication system, automated mechanisms to warn you of suspicious activity, and the occasional prompt to change your password.
There’s also a new security page that not only shows you which devices can access your account, but also any current Web sessions attached to your account (complete with information on recent activity and an IP address).
In a post discussing the breach and new security features, Dropbox also reminded users that it’s a good idea to use different passwords for various sites and accounts--you know, so Dropbox doesn’t get hacked again.