Dropbox Dropped the Ball

You probably have enough managers in your life—your boss, your boss’s boss, your kids, your spouse, your dog—but we suggest you seriously consider getting just one more: a password manager.

password-866979_1920The good news is you don’t have to fetch coffee for or even talk to this manager. A password manager is a software application that stores and organizes your passwords, typically in an encrypted state. You create a complex, creative master password and use it to unlock and gain access to your entire password database. And if you get lazy, most password managers have the ability to generate, and subsequently store, unique complex passwords as needed.

If you’re anything like me, you’re thinking, Why do I need to manage my passwords? I use the same one for every account. If you are thinking this, don’t admit it. To anyone. Hackers are all over this—they use the stolen credentials and attempt them in all common accounts, and the next thing you know, you’re sending SPAM e-mails to your entire address book and personally refurnishing an apartment that isn’t yours.

Password managers can help you avoid becoming the victim of a data breach, like the one that affected Dropbox and its users. The breach occurred in 2012, but new problems are surfacing. After the incident, Dropbox, a cloud storage company, informed the public that users’ e-mail addresses had been breached, but made no mention about passwords. Recently, the technology-, science-, and society-focused online magazine and video channel “Motherboard” reported that over 68 million credentials, including passwords, were compromised. Users who have been using the same password for their Dropbox since the breach in 2012 could be at risk. Thankfully, Dropbox has since notified all impacted users and is forcing password resets.

Those involved in the Dropbox hack will likely consider using a password manager from now on. When possible, enable two factor authentication on your accounts. For context, two factor authentication, a method of confirming a user’s claimed identity, is something you know (password) and something you have (a physical token). This won’t ensure 100% security (because that just isn’t possible), but measures like this will definitely increase your online protection.

If you are interested in knowing if any of your accounts are posted on the internet, you can check at have i been pwned? Just enter your e-mail address to see if it has been linked to any compromises.


Today, employees still remain the biggest threat to your corporate data. Download our FREE whitepaper:



7 Ways Your Employees Put Your Corporate Data at Risk




Leave a Reply

Your email address will not be published. Required fields are marked *