Dropbox prompts certain users to change their passwords

Dropbox is asking users who signed up before mid-2012 to change their passwords if they haven’t done so since then.

The cloud storage service said it was asking users to change their passwords as a preventive measure, and not because there is any indication that their accounts were improperly accessed.

Dropbox said it was taking the measure because its security teams learned about an old set of Dropbox user credentials, consisting of email addresses and hashed and salted passwords, which it believes were obtained in 2012 and could be linked to an incident the company reported around the time.

In July 2012, Dropbox said its investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of of Dropbox accounts. It said it had contacted the users affected to help them protect their accounts.

To read this article in full or to leave a comment, please click here

CIO Cloud Computing

Google still trying to kill passwords: This new auth idea sounds interesting

Google is testing an interesting new authentication idea. In a bid to get rid of the password, la GOOG will instead pop up a prompt on your phone, to ask you if it’s really you who wants to log in.

It’s not exactly an infallible, two-factor authentication menthod (2FA). Perhaps you could call it 1½FA, or something?

Mr. Rohit Paul [pictured] is a beta tester of this new whatchamacallit. He leaked news of the closed test to the world, via Reddit.

In IT Blogwatch, bloggers wonder how they can join in.

Your humble blogwatcher curated these bloggy bits for your entertainment.

To read this article in full or to leave a comment, please click here

Computerworld Cloud Computing