The next time you sign-in to Dropbox, you may be prompted to change your password. But, don’t freak out, the cloud storage service says no accounts have been compromised, and it’s just a precaution.
If you signed up for Dropbox prior to mid-2012 and haven’t changed your password since, you’ll be prompted to update it the next time you sign in. We’re doing this purely as a preventive measure, and there is no indication that your account has been improperly accessed. We’re sorry for the inconvenience.
The company is taking the precautions due to a cache of passwords that were grabbed from other websites back in 2012. Dropbox discovered a list of usernames and encrypted passwords that it believes was taken back then. They say there is no evidence that anyone has managed to decrypt the password information, nor has anyone tried to access any accounts, as far as they can tell.
If prompted, all you need to do is choose a new and strong password. We provide a password strength meter to help you. If you don’t receive a prompt, you don’t need to do anything. However, for any of you who’ve used your Dropbox password on other sites, we recommend you change it on Dropbox and other services. We also recommend that you enable two-step verification.
If you don’t see a prompt to change anything, then all is well, and carry on with your life. If you do get prompted, then come up with a nice, strong password that you don’t use anywhere else. (Something we’ve all been guilty of at one time or another.) Plus, you should definitely take advantage of the two-step verification Dropbox offers. It’s another nice layer of protection for your account, and data.