
The Dropbox hack is real - joshschreuder
https://www.troyhunt.com/the-dropbox-hack-is-real
======
oxplot
Make sure you sign yourself up for something like
[https://haveibeenpwned.com](https://haveibeenpwned.com) if you haven't
already. Sometimes being timely in responding to leaks can make a big
difference on any further leaks.

~~~
netule
This was a strange way to find out that I have a Tumblr account.

~~~
shaurz
I think there was a time when it was once considered a vaguely normal blogging
platform.

~~~
erikpukinskis
It's abnormal now?

------
achr2
Dropbox should absolutely be held to the flame for trying to downplay the
severity of this. Their communication says 'This is purely a preventative
measure', but if you had/have reused this password on any other sites (let's
face it, a huge proportion of non tech savvy people do this) then your entire
online presence may be exposed.

~~~
Swizec
Non tech savvy? _Everyone_ does this. It's practical.

Sure, most of us have a few passwords we reuse, but I know less than 5 people
with truly unique passwords.

~~~
dsacco
Considering the consequences of password breaches, it's decidedly impractical.
Password managers make it very easy to have unique passwords for all websites.

I don't even know any of my passwords.

~~~
softawre
Except the one to your password manager :)

~~~
BinaryIdiot
This scares the crap out of me. I have to remember this one, super long and
complex password for my password manager. If I ever accidentally paste it
somewhere else, type it in somewhere or somehow it's leaked from the password
manager then I am completely screwed. This one, tiny thing can completely turn
my life upside down. For sites that require security questions those are easy
to game so the only way to be secure is making up answers. So I wouldn't even
be able to reset a large amount of very important passwords!

I wish we had a better alternative to passwords. Something that's actually
good, solid, can't lose or forget. I get the feeling we won't have that until
we can start implanting chips in ourselves.

~~~
tempestn
Make sure you turn on 2FA on your password manager. That should allay most of
those fears. (Of course you would still change the password if it was leaked
somehow.)

~~~
andruby
1Password doesn't have 2FA because it needs to decrypt your data. It does have
a long "secret account" key that you need along with your password.

------
0x0
It was pretty obvious the dropbox hack was real several years ago, because
lots of spam mail started arriving at my dropbox-unique email almost
immediately after the breach. I changed my email to another unique address
quickly back then. Unique-per-service email addresses work pretty well as a
canary for breaches. Just make sure there is more uniqueness than just the
service name to such addresses, or someone could see your pattern and start
spamming by guessing popular services.

On a side note, don't forget the time dropbox accepted ANY password during
logins - [http://www.cnet.com/news/dropbox-confirms-security-glitch-no-password-required/](http://www.cnet.com/news/dropbox-confirms-security-glitch-no-password-required/)

~~~
CookieMon
> Unique-per-service email addresses work pretty well as a canary for breaches

I do this too, but it taught me _everything_ is breached - the local ambulance
service, the local computer store, the local car share, small businesses
overseas that I've placed orders with.

Some of the big names don't seem to be, which is lucky because otherwise I'd
be wondering if it was the ISPs that had been breached. Either large chunks of
SMTP routes are breached and picking up confirmation emails, or there's a
giant iceberg of pwnage floating beneath the surface out of view.

~~~
inputcoffee
How do you guys do this? Is there a service? Do you add na.melast@gmail, or do
you create them on your own domain through the hosting company?

~~~
rrdharan
You can use anything after a + character with Gmail.

E.g. myaddress+service1@gmail.com will go to your inbox and you can filter on
it.

~~~
joezydeco
But not every website out there allows you to enter this as a valid email
address.

My earlier hypothesis was that this was on purpose, to make sure you don't use
a filter on any email they might send. But these days I'm tending to think
it's just a bad regexp on their side.

~~~
discreditable
Even worse, some sites let you enter a plus address initially but that address
will not work in some account management pages. I had an instance where I
signed up to a pizza place with such an address and I could not unsubscribe or
edit my mail preferences because of it.

~~~
vangale
For example, overstock.com. Their registration page lets you use a '+' address,
but their login page forbids it.
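An added worked example (not code from the thread or from any commenter) of the unique-per-service address idea above: it builds a Gmail-style plus address with a random suffix so the pattern cannot be guessed from the service name, maps an unexpected incoming To: address back to the service it was handed to (the breach canary), and shows the over-strict address regex that several replies complain about beside one that admits '+'. The mailbox `me@example.com`, the service names and the hex suffixes are constructed for the example.

```python
import re
import secrets
from typing import Dict, Optional, Tuple


def make_tagged_address(mailbox: str, domain: str, service: str,
                        suffix: Optional[str] = None) -> str:
    """Build mailbox+service-RANDOM@domain (Gmail-style plus addressing).
    The random suffix is the 'more uniqueness than just the service name'
    the thread recommends; a fixed suffix may be passed for reproducibility."""
    suffix = secrets.token_hex(3) if suffix is None else suffix
    return f"{mailbox}+{service}-{suffix}@{domain}"


def split_tag(address: str) -> Tuple[str, Optional[str], str]:
    """Return (base mailbox, plus tag or None, domain), all lower-cased."""
    local, _, domain = address.strip().lower().rpartition("@")
    base, plus, tag = local.partition("+")
    return base, (tag if plus else None), domain


# Constructed registry: plus tag -> service the address was given to.
CONSTRUCTED_REGISTRY: Dict[str, str] = {}
for _service, _suffix in (("dropbox", "3f9a1c"), ("pizzaplace", "b07e22")):
    _addr = make_tagged_address("me", "example.com", _service, suffix=_suffix)
    CONSTRUCTED_REGISTRY[split_tag(_addr)[1]] = _service


def identify_leaked_service(to_header: str, registry: Dict[str, str]) -> Optional[str]:
    """Map the To: address of an unexpected message back to the service we
    handed it to. A hit is the canary: that service (or its mail pipeline)
    has leaked the address. Case-insensitive, because senders rewrite case."""
    _, tag, _ = split_tag(to_header)
    if tag is None:
        return None
    return registry.get(tag)


# The caveat raised in the replies: a sign-up or login form whose regex omits
# '+' rejects these addresses even though the local part may contain it.
STRICT_LOCAL_PART = re.compile(r"^[A-Za-z0-9._-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
PLUS_FRIENDLY = re.compile(r"^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def accepts(pattern: "re.Pattern[str]", address: str) -> bool:
    """True if the given form validator would let this address through."""
    return pattern.match(address) is not None


if __name__ == "__main__":
    # Constructed To: header from a message that should never have arrived.
    print(identify_leaked_service("ME+dropbox-3f9a1c@example.com", CONSTRUCTED_REGISTRY))
    print(accepts(STRICT_LOCAL_PART, "me+dropbox-3f9a1c@example.com"))
    print(accepts(PLUS_FRIENDLY, "me+dropbox-3f9a1c@example.com"))
```

The registry is keyed on the tag rather than the whole address so the lookup still works when a site changes the case of the mailbox or domain; the same test is also the one to run over a mail server's log of recipient addresses.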

------
willvarfar
50% of the leaked hashes were bcrypt and the other 50% were salted sha1.

So, asking the HNers who crack passwords or follow the tech closely and have a
good feel:

Salted sha1 can be brute forced much quicker, but in practical terms what kind
of complexity of password is vulnerable _today_ if it was stored salted sha1
vs bcrypt?

And how can this be projected to change in the next couple of years?

~~~
mmaunder
The salts for the sha1 passwords weren't leaked. So they're hard to crack in
practical terms. Depends how random they were.

See hashcat docs and benchmarks for complete answers to your questions. The
GPU versions of hashcat.

~~~
willvarfar
I actually googled before asking my question, and couldn't come up with a good
feel for just how crackable these are with hashcat... I guess I don't know the
terms or the prices.

Is anyone able to make any sense of the GPU hashcat benchmarks that are
posted? Something distilled down to "if you spend $xxx, then you can crack any
salted sha1 under 12 letters+digits+punctuation in n hours if you knew the
salt; if it's bcrypt, that would take x hours". Something like that ;)

Added: I'm a bit confused how the attackers know the hash and not the salt
though; normally they are stored side-by-side. Or were dropbox using a site-
wide salt?

(I've seen systems with a site-wide salt hardcoded into the codebase and a
per-user salt in the db with the hash; This means attackers have to compromise
both sourcecode and db to get far.)

~~~
Dylan16807
A rough estimate for using spot instances on EC2 says you can get maybe 40
trillion SHA1 hashes per dollar. (700MH/s and just under $.07/hour) So one
dollar will crack a password 7 characters long. A million dollars will crack a
password 10 characters long.

Switch to bcrypt and you're now at 25 million hashes per dollar on those same
instances. Now you can barely crack passwords that are 4 characters long, or
for a million dollars you get 7 characters.

That's if you know the salt, of course. Otherwise that gets added on to the
length you're cracking.

None of this is very exact but it gets you in the right ballpark. And you can
compare it to a password manager spitting out 20 character passwords that are
completely immune to brute forcing.

~~~
mmaunder
Pro tip: Build your own GPU cluster out of consumer gear. It's orders of
magnitude cheaper because GPUs for the data center are expensive and/or slow.
Our commercial cracker is consumer gear in a custom built chassis in
colocation. Cloud GPU just isn't there yet.

~~~
willvarfar
So, please give some rough stats :)

------
jsmthrowaway
Repeating from the other thread:

I highly recommend Troy's HIBP service, hiding your e-mail from showing up in
public searches (important for opsec), and donating whatever you can to Troy.
He's doing excellent work. This is the first time it's notified me and it was
great, because I completely forgot I signed up. I appreciate a service that
low maintenance.

HIBP is a truly essential service and I'd be happy to pay more. Even with good
password discipline it's useful knowledge on your exposure and I cannot
recommend it enough. He mentions it near the end but this is one of those no
brainers that should be repeated very loudly.

[https://haveibeenpwned.com](https://haveibeenpwned.com)

~~~
ashitlerferad
It really is about time we stopped using passwords.

~~~
markild
Honestly curious, what should we use?

~~~
laxatives
I'd love it if every time I wanted to log in, I entered my username/email, saw
a two-factor auth prompt, and had an email sent with a time sensitive link containing
my session credentials. But this would be a pain in the ass if I had a slow
connection or used an old email address. And worse, it'd be totally unsafe if I
could (easily?) change the email address attached to the account.

~~~
kkhire
Magic link. That's what Medium does for email logins, and Slack offers the
option as well. It's easily one of the safest methods.

~~~
markild
Ah.. Yes, but that will leave anyone that has somehow gotten access to my mail
to suddenly have access to all my accounts then, wouldn't it?

~~~
ascorbic
They already do if they have password reset over email. That's why you need
2FA.
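An added worked example (not from the thread or any commenter) of the magic-link token the replies above discuss, showing the three properties that make it safe rather than "totally unsafe": the link expires, it is single-use, and it is bound to the email address it was sent to, so changing the account's address after the link was issued invalidates it. The server key, user id and addresses are constructed for the example; the used-nonce set stands in for a database table.

```python
import base64
import binascii
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Assumption: a secret held only by the server; constructed value for the example.
SERVER_KEY = b"constructed-demo-key-do-not-reuse"

# Nonces already redeemed (single-use enforcement); a real service persists this.
_used_nonces = set()


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _email_hash(email: str) -> str:
    return hashlib.sha256(email.strip().lower().encode()).hexdigest()


def issue_magic_link_token(user_id: str, email: str, ttl_seconds: int = 900,
                           now: Optional[float] = None) -> str:
    """Mint the token that goes into the emailed link. Bound to the address it
    is sent to, time-limited, and carrying a random nonce for single use."""
    now = time.time() if now is None else now
    payload = {
        "uid": user_id,
        "email_hash": _email_hash(email),
        "exp": int(now) + ttl_seconds,
        "nonce": secrets.token_hex(8),
    }
    body = json.dumps(payload, separators=(",", ":"), sort_keys=True).encode()
    sig = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return f"{_b64e(body)}.{_b64e(sig)}"


def redeem_magic_link_token(token: str, account_email_now: str,
                            now: Optional[float] = None) -> Optional[str]:
    """Return the user id to start a session for, or None when the token is
    forged, expired, already used, or was sent to an address the account no
    longer has (the email-change attack the thread worries about)."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body, sig = _b64d(body_b64), _b64d(sig_b64)
    except (ValueError, binascii.Error):
        return None
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):   # constant-time compare
        return None
    payload = json.loads(body)
    if now > payload["exp"]:
        return None
    if payload["email_hash"] != _email_hash(account_email_now):
        return None
    if payload["nonce"] in _used_nonces:
        return None
    _used_nonces.add(payload["nonce"])
    return payload["uid"]


if __name__ == "__main__":
    tok = issue_magic_link_token("user-42", "alice@example.com", ttl_seconds=60)
    print(redeem_magic_link_token(tok, "alice@example.com"))  # user-42
    print(redeem_magic_link_token(tok, "alice@example.com"))  # None: reused
```

Checking the signature before parsing the body keeps untrusted JSON out of the parser, and comparing it with `hmac.compare_digest` avoids a timing side channel on the tag.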

------
donw
Since lots of people will be rotating passwords, this is probably a good time
to set up Two-Factor Authentication (2FA) as well.

I recommend Authy as your 2FA app, as it lets you set a backup password, which
you can use to move your 2FA tokens between devices.

For your critical services, keeping encrypted copies of your backup codes is a
must.

~~~
cm2187
2FA is a major inconvenience. The login process goes from 1-2 sec to 30sec.
Sometimes a lot longer (some 2FA do not seem to think it is critical to send
the email or txt msg right away, and even when they do, email servers do not
really work real time, and then you have the time it takes to find your phone,
unlock, decline twice the iOS update prompt, go to the right app, find the
right msg, copy the code, check it is correct, etc etc).

Yeah if it is really a critical service and rarely used, we should. But if I
have to wait 30sec in front of a login box every time I go on Netflix or on
Amazon, you can bet their sales will go down the drain.

~~~
creshal
> some 2FA do not seem to think it is critical to send the email or txt msg
> right away, and even when they do, email servers do not really work real
> time

SMS isn't real time either, it's best effort. Mostly (~99,9%) it gets through
within seconds, but delays of a few minutes are perfectly acceptable to
telcos. As service provider you can't do much about it, either pay through the
nose for "priority" delivery (which maybe halves the amount of delayed
messages in our experience) or tell your customers to switch mobile providers
(yeah, good luck with that).

~~~
scrollaway
As a service provider there is something you can do about it: Use well known
out-of-band 2FA specs such as TOTP. Those are compatible with Google
Authenticator and don't require a phone number, which is a massive
inconvenience (not always available, not available in every country, SMS not
reliable, requires an ID, not free, leaks personal information to the service
provider, ...)
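An added worked example (not code from the thread or any commenter) of the TOTP scheme recommended above, as specified in RFC 6238 on top of RFC 4226 HOTP, which is what Google Authenticator-compatible apps implement. It also covers the two things the delivery complaints earlier in the thread make relevant on the server side: tolerating a step of clock drift, and refusing a counter that has already been accepted so a captured code cannot be replayed. The secret is the RFC 6238 test-vector key; the issuer and account name are constructed.

```python
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional
from urllib.parse import quote


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    binary = ((mac[offset] & 0x7F) << 24 | mac[offset + 1] << 16
              | mac[offset + 2] << 8 | mac[offset + 3])
    return str(binary % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: Optional[float] = None, step: int = 30,
         digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    t = int(time.time() if at_time is None else at_time)
    return hotp(secret, t // step, digits, algo)


def verify_totp(secret: bytes, code: str, at_time: Optional[float] = None,
                step: int = 30, window: int = 1, digits: int = 6,
                last_counter: int = -1) -> Optional[int]:
    """Server-side check. Accepts the current step or +/- `window` steps of
    drift, but never a counter at or below `last_counter` (the last one this
    user already redeemed), which blocks replay of an intercepted code.
    Returns the matching counter for the caller to persist, or None."""
    t = int(time.time() if at_time is None else at_time)
    base = t // step
    for drift in range(-window, window + 1):
        counter = base + drift
        if counter <= last_counter:
            continue
        if hmac.compare_digest(hotp(secret, counter, digits), code):
            return counter
    return None


def provisioning_uri(issuer: str, account: str, secret: bytes) -> str:
    """otpauth:// URI that authenticator apps import from a QR code; the shared
    secret travels base32-encoded, with no phone number involved anywhere."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return (f"otpauth://totp/{quote(issuer)}:{quote(account)}"
            f"?secret={b32}&issuer={quote(issuer)}&digits=6&period=30")


if __name__ == "__main__":
    SECRET = b"12345678901234567890"       # RFC 6238 test-vector key
    print(totp(SECRET, 59, digits=8))      # 94287082 per RFC 6238 Appendix B
    print(provisioning_uri("ExampleCorp", "alice@example.com", SECRET))
```

Persisting the returned counter per user is the part most home-grown TOTP verifiers skip; without it a code sniffed from a screen or a phishing page stays valid for the full drift window.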

~~~
creshal
Well, yeah. We're not using SMS for 2FA, just for delivering monitoring
alerts. With those reliability statistics (and the impossibility to improve
it) I wouldn't do SMS-based 2FA at all.

~~~
dboreham
We've found other interesting behavior in email-to-SMS services using it for
alerts (this is in the US):

Verizon: will deliver all messages typically with low latency.

AT&T: Variable delivery latency and they have some sort of rate-limiting where
if your system generates 10 alert messages within a short period, they queue
them up for a couple of hours!

Inmarsat: Fast consistent delivery but they have an undocumented rate cap that
when reached results in all (all!) messages being black-holed for 30 days.
There is no way to reset this state. The cap is something like 150 messages per
month or 5 per 10 minute period.

------
lllorddino
> 1Password now has a subscription service for $3 a month and you get the
> first 6 months for free.

Don't pay for this people. Use the open source password manager Keepass
[http://keepass.info/](http://keepass.info/)

~~~
kumarski
the website is so poorly designed, it leads to consumer-non-adoptability.

~~~
vog
Indeed. I would really love to recommend Keepass, but their website is really
ugly and makes the impression of a non-polished software - even though Keepass
is absolutely mature and fine.

On the other hand, the PuTTY website is also everything but polished, but
people have always been using it. Also, I suspect that most people will get it
through the third-party site "www.putty.org" instead of the real PuTTY
website, whose URL is as complicated as:
[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.h...](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)

~~~
trimbo
> their website is really ugly

I don't think it's ugly -- just dated. Isn't it weird that mentally we trust
software less if they have a dated website? Shouldn't it be the opposite? (As
in: a dated website means this software is mature and tested?)

~~~
funkymike
The problem with dated websites is that they have the appearance of being
thrown on the web in 10 minutes and forgotten about rather than being mature
and tested.

If the software is well supported and maintained then the website should be
too.

------
zaroth
> As for Dropbox, they seem to have handled this really well.

I'm biased, but I can't agree with this. From what I can tell, there are two
communications from Dropbox -- one in 2012 [1] and one last week [2].

In 2012 they did not disclose that hashes were stolen, so I don't see how it's
really relevant. In the latest communication, they don't actually explain the
risk to the user. They say it is "purely as a preventative measure" but if
salts and hashes were accessed, then that is not the case.

Just because Troy doesn't have access to some of the salts, doesn't mean the
attacker doesn't have access. We don't know how many iterations of SHA-1, but
SHA-1 can be run by a single GPU on the order of billions of times per second.
So unless Dropbox is coming out and saying they know for certain that random
128-bit salts were definitely not accessed by the attacker, almost all of the
SHA1 hashed passwords are getting cracked. Users need to know their passwords
are exposed, and must be reset not as a preventative measure, but because they
are almost certain to be compromised.

As for the salted/bcrypt passwords, we can see from Troy's hash they used
$2a$08$ which is bcrypt with a cost factor of 8 -- 2^8 iterations. Gosney's
latest rig [3] could crack these bcrypt hashes at about 105,700 / 8 = 13,212
per second. That's not terrible, but that's still 416 billion tries in a year
for a modest investment.

[1] - [https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/](https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/)

[2] - [https://blogs.dropbox.com/dropbox/2016/08/resetting-passwords-to-keep-your-files-safe/](https://blogs.dropbox.com/dropbox/2016/08/resetting-passwords-to-keep-your-files-safe/)

[3] - [https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40](https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40)
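An added worked example (not code from the thread or any commenter) that carries through the back-of-the-envelope arithmetic from both Dylan16807's reply earlier in the thread and the comment above: hashes-per-dollar from a GPU rate and an hourly price, the longest password length whose whole keyspace fits in a budget, and the bcrypt cost factor read off the `$2a$08$` prefix with its 2^cost work factor. The figures used as sample input are the ones quoted in those two comments (700 MH/s at $0.07/hour, 25 million bcrypt hashes per dollar, 13,212 bcrypt/s); the alphabet size of 62 (letters and digits) is an assumption needed to reproduce the 7-and-10-character estimates.

```python
import re

SECONDS_PER_YEAR = 365 * 24 * 3600
ALNUM = 62                 # assumption: a-z, A-Z, 0-9
PRINTABLE_ASCII = 95       # letters, digits and punctuation


def keyspace(charset_size: int, length: int) -> int:
    """Number of candidates an exhaustive search of this length must try."""
    return charset_size ** length


def hashes_per_dollar(hashes_per_second: float, dollars_per_hour: float) -> float:
    """Convert a benchmark rate and an hourly price into guesses per dollar."""
    return hashes_per_second * 3600 / dollars_per_hour


def dollars_to_exhaust(charset_size: int, length: int, per_dollar: float) -> float:
    """Cost of trying every candidate of exactly this length (worst case)."""
    return keyspace(charset_size, length) / per_dollar


def max_length_for_budget(charset_size: int, budget_dollars: float, per_dollar: float) -> int:
    """Longest length whose entire keyspace can be exhausted within the budget."""
    affordable = budget_dollars * per_dollar
    n = 0
    while keyspace(charset_size, n + 1) <= affordable:
        n += 1
    return n


# Modular-crypt prefix: $2a$, $2b$, $2y$ (or bare $2$), then a two-digit cost.
_BCRYPT_PREFIX = re.compile(r"^\$2[abxy]?\$(\d{2})\$")


def bcrypt_cost(hash_string: str) -> int:
    """Read the cost factor out of a bcrypt hash string such as '$2a$08$...'."""
    m = _BCRYPT_PREFIX.match(hash_string)
    if not m:
        raise ValueError("not a bcrypt modular-crypt string")
    return int(m.group(1))


def bcrypt_rounds(cost: int) -> int:
    """bcrypt runs 2^cost key-setup iterations, so each +1 doubles the work."""
    return 2 ** cost


def rescale_bcrypt_rate(benchmark_rate: float, benchmark_cost: int, target_cost: int) -> float:
    """Translate a hashes/s benchmark taken at one cost to another cost."""
    return benchmark_rate / 2 ** (target_cost - benchmark_cost)


def guesses_per_year(rate_per_second: float) -> float:
    return rate_per_second * SECONDS_PER_YEAR


if __name__ == "__main__":
    sha1_per_dollar = hashes_per_dollar(700e6, 0.07)          # ~36 trillion
    print(max_length_for_budget(ALNUM, 1, sha1_per_dollar))    # 7
    print(max_length_for_budget(ALNUM, 1e6, sha1_per_dollar))  # 10
    print(max_length_for_budget(ALNUM, 1, 25e6))               # 4 (bcrypt)
    print(bcrypt_cost("$2a$08$constructedsaltandhashgoeshere"), bcrypt_rounds(8))
    print(round(guesses_per_year(13212) / 1e9), "billion bcrypt tries per year")
```

The same functions answer the defensive question: for a given hash and a budget you are willing to assume an attacker has, `max_length_for_budget` plus one is the minimum random length to require, and bumping a bcrypt cost by one halves the attacker's yearly guess count.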

~~~
nxzero
>> "Users need to know their passwords are exposed, and must be reset not as a
preventative measure, but because they are almost certain to be compromised."

This should be assumed regardless of what is known if it's known a breach
happened; meaning basic password hygiene should be followed, and in the case
of Dropbox, if a user had any plaintext files with passwords to other accounts
(yes, people still do this) - they need to change those passwords too.

~~~
psook
Right, but you're assuming optimal response from every Dropbox user, when I'd
assume the vast majority of Dropbox users aren't aware of best password
practices (or are aware and only change passwords when forced anyway because
'I have nothing to hide'). The severity of the breach means Dropbox should be
forcing password changes. I didn't even receive an e-mail notifying of the
breach. Nothing in the spam filters, it's just not there. The only reason I'm
aware of it is Troy Hunt, and the only reason I'd ever be aware of it is that.
I was getting ready to leave dropbox anyway, this just reasserted that it's
the correct decision.

~~~
nxzero
Honestly, I've found security bugs in Dropbox using it (oddly) as designed in
the past and would never use it again; basically, as a non admin I could
become an admin in a business account; reported the issue, had a call with
them and it appeared they fixed it, but still it was a wtf moment for me given
if you're an admin you are able to permanently delete all the data and
according to Dropbox the data would not be recoverable regardless of the time
frame.

As for the average user, to be honest at this point I increasingly feel like
people are responsible for their own security and if you're that concerned a
service won't notify you of a breach or make a mistake that to you is
unforgivable — don't use them. Reason I take this position now is because
increasingly I feel like all the hand holding related to security is dangerous
long-term.

~~~
psook
I agree that, ultimately, the only person who really cares about your security
is you. That is certainly where the buck stops, and if a service has security
you don't agree with stop doing business with them.

However, a forced password and session reset on accounts whose credentials
have become public knowledge isn't "hand holding." It's SysAdmin101. It should
be the first thing you do. Unless I'm misreading you, the stated stance is
"Anyone using dropbox got what they deserved," but not everyone has the
knowledge to perform a security audit. The user is not without blame or having
made mistakes, but Dropbox isn't taking ownership of their own mistakes or
being transparent to every affected user about what those mistakes were and/or
led to. If they want to be a service that does hand-holding, they can give the
correct advice. If they don't, they NEED to be transparent about what occurred
and what information was released or the onus is entirely on them. Right now,
they're doing neither. I think that is criminally negligent, though I'm
certain no legal action will be taken.

I feel that lowering those expectations of a service only helps justify these
shitty, lazy practices to others.

The only thing that would've been exposed in the breach relating to me are the
e-mail address and password for that service itself (alongside all the crappy
memes I stored there), but I'm not ready to watch the world burn from the
sidelines. The security of others is just as much your personal security, and
the more of it others sacrifice the more you'll be expected to do the same and
suffer repercussions for not doing so.

------
peteretep
Dropbox is about the only service I use a memorable password for, as it has my
1Password file in it, which has my Google one-time-auth codes in it. If I lose
my phone while on the road, only remembering my Dropbox password is going to
get me out of the mess. Any sensible other solutions here? It's still ~14
characters, but other than making it more random, what are my options?

~~~
have_faith
All of my passwords are based on the website name that I'm logging in to. I
have a small algorithm in my head about how to generate a password from the
site name that looks at stuff like first and last letter, number of letters,
some kind of prefix/suffix, etc. And I end up with a unique password around 20
characters that I don't need to remember for every website.

This way I don't ever remember a password, I just remember the system.

~~~
chii
Although that feels secure, it's a poor way; security by obscurity is weak. As
soon as someone realizes, all your passwords will be revealed...

~~~
DominikSerafin
What can be a better alternative? IMO using something like 1Password/Lastpass is
less secure because it then only takes someone to get my master password to
get all my other passwords.

~~~
Shank
Your master password shouldn't really be something that's going to be in
either a dictionary, or brute forcible. Nobody is going to "get" it unless you
make it insecure. If you're using their sync services, however (especially
LastPass), you're more vulnerable to phishing attacks, and the vault can
potentially be stolen and crack attempts run offline. However, both services
use a heavy level of encryption that requires the passphrase to unlock, so as
long as that's not dictionary based or brute forcible, you're totally fine.

------
VeejayRampay
Can someone in the know indicate how to BEST manage passwords for different
services in a secure way in 2016? Should I be using password managers (à la
1Password, LastPassword and others), or use something like Keychain Access on
Mac OS X (what are the Windows equivalents?), anything else? It's important to
note that not everyone is well-educated on the matter, despite the fact that
most people on HN are technical people.

EDIT: Thanks everyone for your answers, this is a good example of the power of
communities.

~~~
m0nty
Download a password manager like Keepass, Lastpass or Password Safe:

[https://en.wikipedia.org/wiki/List_of_password_managers](https://en.wikipedia.org/wiki/List_of_password_managers)

I use Keepass, it does exactly what I need.

Secure the password manager itself with a long password. Put your logins into
it, and generate a unique random password for each one, then go to the website
in question and change the password to the new one.

When you want to login to that website, open your password manager, copy the
password to your clipboard and paste it in. Remove the password from the
clipboard (Keepass does this automatically after about 10 seconds).

That is ALL you _need_ to do. You could get into using keys, etc, to secure
the password manager but if you have a long, unique password for the password
manager, it shouldn't be necessary. I'm sure others can provide you with info
on how to finesse the process using online password managers, etc, but what
I've just described is the basics. Start simple, ramp it up later if you're
the paranoid type (which you should be ;)

EDIT: Another thing, if you can use two-factor authentication, do it. I use
this on my Google accounts, Paypal and my bank.

[https://www.google.com/landing/2step/](https://www.google.com/landing/2step/)

[https://www.turnon2fa.com/tutorials/how-to-turn-on-2fa-for-paypal/](https://www.turnon2fa.com/tutorials/how-to-turn-on-2fa-for-paypal/)

Another edit: You can store more in the password manager than just passwords.
I keep a scan of my signature in there in case I have to put it into one of
those (admittedly insecure) PDF-type forms to "verify" I've signed something.
I also make up stupid answers to password hint questions and these also go in
the password manager, e.g. "First school" -> "Dr Magnus Pike's School for
Aspiring Arsonists". Too easy for people to work out what my _real_ first
school is called.
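An added worked example (not from the thread or any commenter) of the generation step in the procedure above: a per-site password drawn from the OS CSPRNG, its entropy in bits, a made-up answer for a security-question field, and a check that a new entry does not repeat anything already in the vault. The word list and the vault contents are constructed for the example.

```python
import math
import secrets
import string
from typing import Iterable, List

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Uniformly random password over `alphabet` from secrets (the CSPRNG).
    Re-draws until every character class present in the alphabet appears,
    which satisfies most site rules at the cost of a fraction of a bit."""
    if length < 8:
        raise ValueError("too short; a manager should use 16-20 characters or more")
    pool = set(alphabet)
    classes = [c & pool for c in (set(string.ascii_lowercase), set(string.ascii_uppercase),
                                  set(string.digits), set(string.punctuation)) if c & pool]
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Guessing entropy of a uniformly random string: length * log2(alphabet)."""
    return length * math.log2(alphabet_size)


CONSTRUCTED_WORDS: List[str] = ["magnus", "pike", "arsonist", "school", "violet",
                                "kettle", "granite", "saxophone", "meadow", "comet"]


def fake_security_answer(words: Iterable[str] = CONSTRUCTED_WORDS, count: int = 4) -> str:
    """A made-up 'first school' style answer to store in the manager, so the
    real, guessable fact is never the recovery secret."""
    words = list(words)
    return " ".join(secrets.choice(words) for _ in range(count))


def reused_anywhere(candidate: str, vault_passwords: Iterable[str]) -> bool:
    """True if the candidate already exists in the vault (no reuse across sites)."""
    return any(secrets.compare_digest(candidate, existing) for existing in vault_passwords)


if __name__ == "__main__":
    vault = {"example.com": generate_password(), "another.example": generate_password()}
    new = generate_password()
    print(new, round(entropy_bits(len(new)), 1), "bits")
    print("reused:", reused_anywhere(new, vault.values()))
    print("hint answer:", fake_security_answer())
```

A 20-character draw from 94 symbols is about 131 bits, far beyond the keyspaces any of the cost estimates in this thread can exhaust, which is why the length matters more than how the manager is secured.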

~~~
tajen
Is Keychain Access from OSX a safe password manager?

Also, how come all security-aware people trust 1Password and LastPass, even
though they are not open source? Isn't that one of the rules of security,
publish the source so we can trust it?

~~~
m0nty
Another "rule of security" is that taking one step forward is better than
nothing at all. So theoretically, a proprietary password manager could have a
backdoor which could be used by the vendor or security services. But that's a
relatively small group of people compared to "the whole world" which is where
most people are with easily-guessed passwords which get reused everywhere.

Also, the idea that an army of trained security professionals is ready and
able to scan open-source software for vulnerabilities isn't true - I think
there was a study a few years ago which proved these security checks often
didn't happen, people just assumed they did. The OpenSSH (secure shell)
software was compromised for years and nobody noticed, and it is true open
source and a critical part of people's systems as well.

You're looking to mitigate risks. A password manager is a step in the right
direction. If you are truly paranoid (good for you) something like this, based
on GPG, might be the right answer for you:

[https://www.passwordstore.org/](https://www.passwordstore.org/)

Personally I prefer not to use cloud-based password managers because I don't
know what their backend security is like. But those more knowledgeable than me
might say "they're fine" because of the way the encryption is structured.

------
watson
What really bothers me about this is that Dropbox hasn't bothered to reset the
sessions. Even after I manually reset my password (which I wasn't prompted or
forced to do btw), all my apps (iPhone, desktop etc) that have existing
sessions weren't expired. So for all I know, a hacker might already have an
open session to my Dropbox and changing the password will not fix that

Clarification edit: I did receive the e-mail from Dropbox letting me know that
I should change my password, but when visiting dropbox.com I was already
logged in and wasn't prompted to perform the pw reset

~~~
gwbas1c
I'm a lead at Syncplicity, a prominent competitor. Early in my career at
Syncplicity I changed all of our desktop clients to use long-lived sessions
that do not reset when the user's password is changed.

For us, this is deliberate for a few reasons. Most of our customers
authenticate via their employer's SSO (single sign on) and do not use any
Syncplicity password management. We also do not believe that routine password
maintenance should force someone to run around and re-authenticate all their
computers. (Like Dropbox, a user can log into our web site and remove
computers from their account.)

I do understand the argument that a password change should force a re-
authentication on all clients; but I don't think it's the right approach.
Changing a password is reactionary and preventative. An email notification
will inform a user that his or her account is compromised.

~~~
erikb
Maybe one could add a checkbox to allow users to do that when they want to. My
Skype password was recently hacked and I'm very very happy that I could via
one command logout all the clients. Sometimes it's a feature you really really
want to react fast.
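An added worked example (not code from the thread, Dropbox or Syncplicity) of the session model the three comments above argue over: each user carries a session generation number, a password change can leave existing device sessions alone (the long-lived-session behaviour gwbas1c describes) or bump the generation, and a single "log out everywhere" call or a breach response invalidates every session at once without touching each row. User ids, device names and password hashes are constructed placeholders.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional


@dataclass
class UserRecord:
    user_id: str
    password_hash: str            # assumption: output of a slow hash, not shown here
    session_generation: int = 0   # every "log out everywhere" increments this
    must_reset_password: bool = False


@dataclass
class Session:
    token: str
    user_id: str
    generation: int               # generation the session was minted under
    created: float
    device: str


class SessionStore:
    """In-memory stand-in for the server-side users and sessions tables."""

    def __init__(self) -> None:
        self.users: Dict[str, UserRecord] = {}
        self.sessions: Dict[str, Session] = {}

    def add_user(self, user_id: str, password_hash: str) -> None:
        self.users[user_id] = UserRecord(user_id, password_hash)

    def login(self, user_id: str, device: str, now: Optional[float] = None) -> str:
        token = secrets.token_urlsafe(32)
        gen = self.users[user_id].session_generation
        self.sessions[token] = Session(token, user_id, gen,
                                       time.time() if now is None else now, device)
        return token

    def is_valid(self, token: str) -> bool:
        """A session is live only if minted under the user's current generation."""
        s = self.sessions.get(token)
        return s is not None and s.generation == self.users[s.user_id].session_generation

    def change_password(self, user_id: str, new_hash: str, revoke_other_sessions: bool) -> None:
        """Routine rotation: the service (or a user checkbox) decides whether
        existing device sessions survive the change."""
        self.users[user_id].password_hash = new_hash
        if revoke_other_sessions:
            self.revoke_all(user_id)

    def revoke_all(self, user_id: str) -> int:
        """'Log out everywhere': one counter bump kills every live session.
        Returns how many sessions were live at that moment."""
        live = len(self.active_devices(user_id))
        self.users[user_id].session_generation += 1
        return live

    def revoke_one(self, token: str) -> bool:
        """Remove a single device from the account (the web-page 'unlink' action)."""
        return self.sessions.pop(token, None) is not None

    def active_devices(self, user_id: str) -> List[str]:
        return [s.device for s in self.sessions.values()
                if s.user_id == user_id and self.is_valid(s.token)]

    def force_reset(self, user_ids: Iterable[str]) -> None:
        """Breach response: flag the accounts for a mandatory reset and drop
        every existing session so a stolen password cannot keep an open one."""
        for uid in user_ids:
            self.users[uid].must_reset_password = True
            self.revoke_all(uid)


if __name__ == "__main__":
    store = SessionStore()
    store.add_user("alice", "hash-v1")
    phone = store.login("alice", "iphone")
    store.change_password("alice", "hash-v2", revoke_other_sessions=False)
    print(store.is_valid(phone))        # True: rotation kept the device logged in
    store.force_reset(["alice"])
    print(store.is_valid(phone))        # False: breach handling revoked it
```

Storing the generation on the user rather than deleting session rows keeps revocation O(1) and makes it trivial to expose as the checkbox erikb asks for, with the breach path always taking the revoking branch.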

------
randyrand
How is it possible for Hashcat to crack a 20 character long random password in
6ms? That is mind boggling.

I thought he was just going to hash the password and see if it fit the leaked
hash, but no, it looks like he actually did the reverse and cracked the hash
to see if it fit the password, right?

Edit: oh it looks like he provided the password to hashcat in the form of a
pseudo 'dictionary' to use. So Hashcat was not really cracking it - just
iterating through a 1 word dictionary - like he said.

~~~
marco1
No, he didn't crack it but just hashed it and checked for equality. So just
what you would have expected.

He did it in a way that appears more complicated to people using Hashcat not
as often as he probably does.

Hashcat used the real password as a single-entry password dictionary. So in
order to "crack" the hash, it grabbed the first and single entry from its
dictionary, hashed it, ... match!

Don't worry, this has been confusing to me and several people in the comments
section on his website as well.

------
sordidfellow
So we finally get validation of
[https://news.ycombinator.com/item?id=5300492](https://news.ycombinator.com/item?id=5300492)

------
aluhut
Self hosting is my way to go. Had enough of this.

> My wife uses a password manager. If your significant other doesn't (and I'm
> assuming you do by virtue of being here and being interested in security),
> go and get them one now! 1Password now has a subscription service for $3 a
> month and you get the first 6 months for free.

How about...not? There are tiny open source tools for every OS. You can do it
locally, save it on a stick or on your damn phone...why take more risks,
especially facing this massive fail here?

~~~
thomasahle
> Self hosting is the way to go.

Because you can secure it better than them? Or because you'll be less of a
target?

~~~
danieldk
It's not clear to me whether the grandparent is referring to self-hosting
password management or file synchronisation. However, one obvious security
advantage of self-hosting is that you can use end-to-end encryption (which
most cloud sync services don't support).

E.g., I use Resilio Sync (formerly Bittorrent Sync) for file sync with
encryption-only keys on my cloud peer. The cloud peer participates in the
mesh, providing bandwidth, but if it gets hacked, no one can read the data.

(Of course, I would prefer an open source solution. SyncThing does not have
the right sharing model for me. So I was thrilled to hear about LibreVault on
HN, which provides functionality similar to BTSync 1.x:
[https://librevault.com](https://librevault.com))

~~~
m0nty
> Resilio Sync (formerly Bittorrent Sync)

Good job they changed their name. Couldn't get the product adopted in a
corporate environment because of all the cries of "Witch! Witch!" when the
suits saw the word Bittorrent in there.

~~~
danieldk
Indeed. And they spun out of Bittorrent Inc. completely, which is known for
doing scammy things:

[https://en.wikipedia.org/wiki/ΜTorrent#Ads_and_malware](https://en.wikipedia.org/wiki/ΜTorrent#Ads_and_malware)

------
maherbeg
What sites does everyone have two step verification on? I'm trying to figure
out where I need to setup two step verification that also accounts for a phone
being stolen/lost.

Between gmail, dropbox (1password is synced here), and apple, I'm not sure
where I should be enabling it. It seems like everywhere but gmail and apple is
probably the right move...

~~~
evan_
Enable it everywhere you can, and just write down & guard the backup keys.

Also, I don't use it, but 1password can store and backup 2FA keys so you can
theoretically recover from a lost phone that way, depending on how you store
the 1password vault. Not a replacement for backup keys necessarily.

~~~
maherbeg
Generally agree here, but I'm thinking about real scenarios in which I may
never be able to recover anything.

One scenario is traveling abroad and having my phone stolen/lost.

~~~
jamesgeck0
For an iPhone, a full backup via iTunes will include the authenticator app
data, won't it?

And you'll be printing out emergency passwords when you set up two-factor
either way.

~~~
maherbeg
It doesn't look like this works with the google authenticator app when
restoring to a different device.

For emergency passwords, does that mean you're keeping a printed out copy with
you when you travel?

~~~
evan_
yes.

------
cimnine
I wonder if they got the seeds ('secret key' in [1]) for the 2FA as well.

[1] [https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm#Definition](https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm#Definition)

~~~
danieldk
This hack precedes the introduction of 2FA on Dropbox:

[https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/](https://blogs.dropbox.com/dropbox/2012/07/security-update-new-features/)

------
chinathrow
Great read.

He goes on to say that 1Password has a subscription now and that you should
signup for it.

No. I will never, ever put all my passwords into a cloud based password store.
I simply do not trust them to not fuck it up at one point in time.

Am I alone with this view?

~~~
aianus
1Password is not cloud based...

~~~
chinathrow
[https://1password.com/privacy/](https://1password.com/privacy/)

For some products, they are.

"Your vaults, items, and documents are fully encrypted in your 1Password
Families and 1Password Teams and stored on our servers."

------
raverbashing
I wonder why the SHA1s don't have the salt. Were they removed so that only the
original owners have it so it's easier to crack?

Oh well, another HIBP entry with my email address...

------
jorblumesea
Funny, I just got an email a week ago saying they had noticed my password
hadn't been changed in awhile (2012, which was interesting based on the
article). Sounds like they knew about this and beefed up security. Or, they
beefed up security on newer passwords but didn't cut over the old ones? The
email did not mention any data theft, kinda wish it did. Too little, too late.

------
update
I'm surprised no one has mentioned Dropbox's bug bounty program:
[https://hackerone.com/dropbox](https://hackerone.com/dropbox)

You have to wonder if all those grumbling whitehats were on to something when
they said bug bounties should pay a lot more than what they do and that there
IS a black market interest for them.

------
nevi-me
I suppose this is off topic, but I checked one of my email addresses on
[https://haveibeenpwned.com/](https://haveibeenpwned.com/) and found a
LinkedIn hack from May 2016.

Thing is I've deleted my LinkedIn account thrice in 2013. They have no right
to still have my email after that long.

~~~
manishyt
The hack is from September 2012. LinkedIn knew about it in May 2016.

------
ommunist
OK. Thank you, HN. I just discovered that I've been pwned on Dropbox breach.
If that happened in 2012, and I am using 1Password sync over Dropbox, does
that mean that all my passwords stored in 1Password.pif in 2012 were
compromised too? Probably yes.

------
dbg31415
Why isn't Dropbox reporting this? I'd have more respect for them if they were
more honest about this.

~~~
lloeki
They sent both me and my wife an email a couple of days ago regarding this,
and have a Help Center page[0] for it:

    Hi <first name>,
    
    We’re reaching out to let you know that if you haven’t
    updated your Dropbox password since mid-2012, you’ll be
    prompted to update it the next time you sign in. This is
    purely a preventative measure, and we’re sorry for the
    inconvenience.
    
    To learn more about why we’re taking this precaution,
    please visit this page on our Help Center. If you have
    any questions, feel free to contact us at
    password-reset-help%dropbox.com.
    
    Thanks,
    The Dropbox Team

[0]: [https://www.dropbox.com/help/9257](https://www.dropbox.com/help/9257)

~~~
dbg31415
Thanks. Found the email in my junk folder. Cool, glad they sent something.

------
danso
Well, thank goodness I got robbed after 2012, which caused me to change all my
passwords everywhere. Else I don't think I would've ever gotten around to
changing my Dropbox password, as it's just a long string of randomness.

------
cpach
So besides resetting the password, should one also unlink devices and apps?

~~~
evan_
You should probably audit the list and disconnect any you don't recognize, but
you should probably be doing that periodically anyway with everything...

------
Ffaine
I've never trusted Dropbox, cloud etc. They make me paranoid. :/

------
martin-adams
I find it interesting that just last week my Steam account was
successfully logged in from Russia (I'm in the UK). Looks like I forgot about
Steam when making my passwords stronger.

~~~
andypants
I turn on 2FA wherever I can now. If only Steam supported modern 2FA and not
sending a code via email.

~~~
martin-adams
Agree. If they support Google Authenticator, even better. Sometimes the text
messages don't come through.

------
jbverschoor
How can I tell if someone has accessed my account / files?

------
mjmasn
Hmm, my account appears on HIBP, but Dropbox haven't asked me to change my
password on login... Who to believe? (probably not Dropbox)

------
sureshn
Recently I had received an email from Dropbox asking me to change my password
and now I read about the hack, I wonder if there is any correlation here.

------
StanislavPetrov
It never ceases to amaze me how people have bought into "cloud" computing. It's
hard enough to protect your own data, on your own secure machine. Once you
entrust your data to a third party you should have absolutely no doubt that it
is at risk. The larger the organization that third party is, the more
inherently insecure it is. In the cloud, it only takes one careless, stupid,
or inept person to expose the data of thousands (or millions). And you can't
fix stupid.

No thanks, I'll keep control over my own data.

~~~
fastball
I guess it depends on the data we are talking about?

I have a huge photo library, but I'm not a professional photographer. I'm not
going to sell any of the photos I have on my computer. So when Apple told me I
could offload all that data to the cloud, and worry about it less (from a
backup perspective), I said "absolutely".

Sensitive data is more problematic. But the vast majority of people aren't
handling "sensitive" data.

~~~
StanislavPetrov
>I guess it depends on the data we are talking about?

Absolutely it depends.

> But the vast majority of people aren't handling "sensitive" data.

I don't think that is necessarily true, but it would depend on how you define
"sensitive". If you are storing data in the cloud that you are happy sharing
with the public, then security isn't an issue. However, many people back up all
of their data in the cloud (you need look no further than OneDrive that comes
with every copy of Windows 10). This includes their financial information, tax
returns, intimate personal information, and other things that would horrify
them if they were exposed to the public. Most do so without understanding the
risks because cloud computing has been sold so heavily by the government,
corporations, and media outlets.

And we aren't just talking about individuals. Many, if not most, corporations
use cloud computing to store their data. This includes financial data,
customer information, credit cards, account numbers, and everything else you
can imagine.

I'm not trying to argue cloud computing doesn't have its uses. I have no
problem using the Steam cloud to save my game in Civilization 5, regardless of
how insecure their servers are. But the risks are very real any time you
entrust your data (or anything else) to a third party, and they should be
recognized.

------
vladimir-y
btw Argon2 [https://github.com/P-H-C/phc-winner-argon2](https://github.com/P-H-C/phc-winner-argon2)
is better than bcrypt for password hashing
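Two comments in this thread touch the same mechanism: raverbashing's question about the salted SHA-1 entries and the remark above about Argon2 versus bcrypt. The block below is an added example, not code from the thread, from Dropbox or from the Argon2 project. It uses only Python's standard library, so scrypt and PBKDF2 stand in for bcrypt and Argon2 (neither of which ships in the stdlib); the property being demonstrated is the same for all of them. It shows two things: a record without its salt cannot be verified by anyone, the legitimate service included; and with the salt in hand, the only thing standing between a leaked hash and an offline guess is the per-guess cost of the hash function, which for plain SHA-1 is effectively nothing. The credential and salts are constructed on the spot.

```python
import hashlib
import hmac
import os
import time

# Constructed sample credential; nothing here comes from any breach dump.
PASSWORD = "correct horse battery staple"


def sha1_salted(password: str, salt: bytes) -> bytes:
    """Salted SHA-1 as a plain digest: one cheap hash call per guess, no work factor."""
    return hashlib.sha1(salt + password.encode("utf-8")).digest()


def pbkdf2_hash(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Iterated HMAC: linear work factor, tunable via the iteration count."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)


def scrypt_hash(password: str, salt: bytes, n: int = 2 ** 14, r: int = 8, p: int = 1) -> bytes:
    """Memory-hard KDF (128 * r * n bytes, 16 MiB here); stdlib stand-in for bcrypt/Argon2."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p, dklen=32)


SCHEMES = {"sha1": sha1_salted, "pbkdf2": pbkdf2_hash, "scrypt": scrypt_hash}


def make_record(scheme: str, password: str) -> dict:
    """Store scheme name, a fresh random salt and the derived hash together."""
    salt = os.urandom(16)
    return {"scheme": scheme, "salt": salt, "hash": SCHEMES[scheme](password, salt)}


def verifiable(record: dict) -> bool:
    """A record whose salt is missing is dead data: the hash alone cannot be
    checked against any candidate, by the service or by anyone else."""
    return record.get("salt") is not None and record.get("scheme") in SCHEMES


def verify(record: dict, candidate: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    if not verifiable(record):
        raise ValueError("salt or scheme missing: hash cannot be verified")
    derived = SCHEMES[record["scheme"]](candidate, record["salt"])
    return hmac.compare_digest(derived, record["hash"])


def guesses_per_second(scheme: str, seconds: float = 0.3) -> float:
    """Roughly how many candidate passwords one CPU core can test per second
    against a single record of this scheme; this is the cost an offline
    guesser pays, and the number a slow hash is designed to drive down."""
    record = make_record(scheme, PASSWORD)
    n, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        verify(record, "guess-%d" % n)
        n += 1
    return n / (time.perf_counter() - start)


if __name__ == "__main__":
    for name in SCHEMES:
        print(f"{name:7s} ~{guesses_per_second(name):,.0f} guesses/s on one core")
```

Run it and the gap between the first line and the other two is several orders of magnitude, which is the whole argument for bcrypt, scrypt or Argon2 over a salted fast hash: the salt defeats precomputation, but only the work factor makes each individual guess expensive.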

------
gjolund
Use unique passwords ffs.

------
tannerh
Tannerah@gmail.com

------
omginternets
HIBP says I was pwnd. So ... like ... what do I do now?

SHA-1 hashes should still be okay, right?

~~~
16556
Change your password at Dropbox and any sites you re-use that password on
(which you really shouldn't be doing).

------
aorth
@dang Can we please change the URL to not have the query parameters?

~~~
ashitlerferad
I'd go with automatically stripping all utm_* query parameters from all URLs.
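As an added example of the stripping suggested above (not code from HN or from anyone in the thread), here is a small URL normaliser using only Python's `urllib.parse`. It removes every query parameter whose name starts with `utm_` (the only prefix the comment names; the `prefixes` argument for adding others is an assumption of this example), keeps the remaining parameters in their original order, and preserves the fragment. The sample URLs are constructed.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Prefixes treated as tracking parameters. Only "utm_" comes from the
# comment; passing more is left to the caller.
DEFAULT_TRACKING_PREFIXES = ("utm_",)


def strip_tracking_params(url: str, prefixes=DEFAULT_TRACKING_PREFIXES) -> str:
    """Return `url` with every query parameter whose (case-insensitive) name
    begins with one of `prefixes` removed. Other parameters keep their
    order; a query that becomes empty is dropped entirely; the fragment and
    everything before the query are untouched."""
    parts = urlsplit(url)
    lowered = tuple(p.lower() for p in prefixes)
    kept = [
        (name, value)
        for name, value in parse_qsl(parts.query, keep_blank_values=True)
        if not name.lower().startswith(lowered)
    ]
    return urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(kept), parts.fragment))


if __name__ == "__main__":
    # Constructed sample link of the kind the comment is objecting to.
    sample = "https://www.troyhunt.com/the-dropbox-hack-is-real?utm_source=hn&utm_medium=social"
    print(strip_tracking_params(sample))
```

One caveat for anyone using this to deduplicate submissions: `parse_qsl` followed by `urlencode` re-encodes the query, so `%20` becomes `+` and similar; compare URLs after normalising both sides rather than against the raw original.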

~~~
MichaelApproved
What's the harm?

~~~
10011100
Hello Michael,

We noticed some of the websites you read, and were wondering if you'd like to
buy some stuff?

A lot of the stuff we're selling is directly related to what you were reading
about _just five minutes ago!_

Are you interested in spending money on our stuff? _Click here to find out
more!_

Would you like to fill out a survey, and be entered into a contest to win our
stuff. It's fast, fun and easy! _Try it now!_

Here are some other articles we thought you might like. Is this ad irrelevant?
_Tell us how!_

------
gowthamgts12
Why do these troyhunt guys place clickbait to HIBP in every article? Don't be
sick

~~~
tonicoto
Well, let's reply to the obvious troll.

Troy Hunt is a person, not a team, and I guess he links to HIBP because he's
proud of his work. I know I would.

~~~
shostack
You forgot to add that it is also an incredibly valuable service for times
like these that is totally free.

At this point I'd say signing up for notifications with it is just a solid
security practice.

------
Joof
What's the big deal? It's not like it allows attackers to directly modify
files on anyone's computer if they have Dropbox installed.

