So as some of you may or may not know, Dropbox was purportedly hacked and 7 million usernames/passwords are in the wild as of yesterday.
Dropbox issued a statement after the news broke, "Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well."
What does that mean? Well, the long and short of it is that people tend to reuse their logins. Or put another way, people reuse the same password and email sign in across the board for everything. If it leaks or is hacked from one place it'll be as if it was leaked/hacked from all.
In this day and age security should be a concern for all but laziness tends to win out because remembering multiple passwords for each and every site is tough, especially when most people don't use 2 factor authentication (2FA), which I've talked about before, or password managers of reputable standing. Not all password managers are created equal, guys/gals. Do your homework before signing up for the first one you come across.
For those wondering which password manager would be useful, I highly recommend LastPass. It's available free for use, but shelling out the $12 for the Premiun version/access gets you all kinds of extras (including apps, an ad-free experience and additional features and what have you).
On any given week I eat out at a fast food place during my lunch break at least twice, which usually means I spend about $10 when I do each time. $12 for a year's worth of security is pretty much a no brainer by comparison and definitely something we should all be able to stomach at least as far as our wallets are concerned.
But I digress, so let's break things down numerically.
1. If you're reusing passwords you're not an idiot, but you're not security conscious.
2. Stop reusing passwords!
3. Go change your passwords, stat!
4. Turn on 2 factor authentication wherever possible! (See the link I included about my previous post on the issue for how and where you can do that.)
5. Use a password manager! (They're available for your computers and mobile devices, so there's no reason to not use them.)
6. Profit! Or Bro Down. Whichever you prefer.