Dropbox discovered that an old set of user credentials (email addresses and passwords), were stolen in 2012. From what the company says about this security leak (see Dropbox help), the passwords would still need to be cracked because they were hashed and salted, which sounds like a cookery recipe, but it is not for baking a cake, it is used when encrypting passwords.
Accounts and passwords created since 2012 appear to be OK and Dropbox has sent out emails and password reset requests for anyone with accounts from 2012 or earlier who might have been among the stolen data.
It is still worrying and whether you received the email from the company or not, it is a good idea to reset the password and replace it with a brand new one.
You can log in to Dropbox, go to your account settings, then to the security section and the password changer, or go to dropbox.com/forgot and say you forgot it. You haven’t forgotten it, but this causes Dropbox to send a password reset email to you. You can then open the message and click a link to go to the website and create a new password.
Did you know that you can replace your old Dropbox password with a brand new and very secure one with one mouse click? You can. Well, sort of one click, after about half a dozen other clicks. However, you do need a password manager and LastPass will be used for this step-by-step guide (get a free LastPass account), although some others can perform this trick too.
1 Go to your LastPass vault
I am using Chrome for this, but LastPass is available for Firefox and with the Windows 10 Anniversary Update it is now available in Edge too. Click the icon in the toolbar to show the menu and then click My Vault.
2 Search and edit
You can browse through all the websites in LastPass until you find Dropbox, but the search facility displays it instantly. Mouse over the item and click the wrench icon to enter edit mode.
3 Auto change your password
LastPass can change your password on many popular websites automatically. If it can, it displays a link underneath the Password box. Click Auto Change Password.
4 Let it do its work
LastPass will now go ahead and change the password if you click the Change Password Now button. There is no need to visit the website or to log in because everything is carried out automatically.
5 Password is changed
After about 30 seconds, LastPass reports that the password has been changed.
The password selected is much more secure than any you can think of and it chooses a random collection of letters and numbers than are meaningless.
It is impossible to remember, but then LastPass is designed to remember passwords for you, and it is available on all your computers for free. It works on phones and tablets if you have a premium account too.
So what is the password? If you really want to know, return to the Edit Site screen (step 3) and click the eye icon at the right side of the Password box. It displays the password instead of the black blobs.
Whenever there is a security breach at an online service, you can quickly change your password using this automatic service. In fact, why wait? You could change a whole bunch of them in no time with this auto-changer.