Gyroscopic Investing

A hacker group (sorry can't remember the name and I closed the web page already) has posted a partial list of their collection of 7 million username/passwords that were hacked from Dropbox (per them) vs somewhere else (per Dropbox).  They say they will post more when they get sufficient bitcoin "donations".

http://pastebin.com/aRgTJzzg

WiseOne wrote: A hacker group (sorry can't remember the name and I closed the web page already) has posted a partial list of their collection of 7 million username/passwords that were hacked from Dropbox (per them) vs somewhere else (per Dropbox).  They say they will post more when they get sufficient bitcoin "donations".

http://pastebin.com/aRgTJzzg

I changed my Dropbox password this morning.  I also endorse two factor authentication for a second layer of protection if you have not yet done so.

... Mountaineer

I can't wait for some enterprising young entrepreneur to set up a website where you just enter your username and password and it will check to see if it is on a hacked listing... and it's free!...

oh my

Mountaineer wrote: I changed my Dropbox password this morning.  I also endorse two factor authentication for a second layer of protection if you have not yet done so.

... Mountaineer

I had to search to see what Dropbox was.  Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea?  As to the obvious question, no I don't use facebook except for minimally for events.

Benko wrote: I had to search to see what Dropbox was.  Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea?

Dropbox appointed Condoleezza Rice to the board to allay any misguided privacy or data misuse fears you may have. The data you give away is in safe hands. 

Benko wrote:

Mountaineer wrote: I changed my Dropbox password this morning.  I also endorse two factor authentication for a second layer of protection if you have not yet done so.

... Mountaineer

I had to search to see what Dropbox was.  Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea?  As to the obvious question, no I don't use facebook except for minimally for events.

Bad news Benko...if you use online banking or order anything online with a credit card or Paypal, your information is not only "in the cloud", it is possibly in the same cloud that Dropbox uses (Amazon S3).  Or, do you store your info at home on your personal computer?  That's not 100% safe either unless you don't have an internet connection.  Plus there's the issue of data loss, which is only mildly improved by backing up to a USB or optical drive.  Those are guaranteed to fail eventually and unless you check them regularly, you might not discover that one has failed until the moment you need it.

Usernames and passwords are just more "security theater".  I also endorse two factor authentication for those few sites that offer it - gmail and dropbox do.

Here is some additional information on two factor authentication:

Yesterday's news that hackers might've stolen some 7 million Dropbox credentials should've scared you into changing your password. And if you didn't already have two-step authentication enabled on your account, it should be pretty good reminder that you need to turn it on for every account possible.

If you're not worried about the security of your accounts, you're ignoring a serious threat that's confirmed by a neverending deluge of security breaches. Two-step authentication is one of the best ways to prevent unauthorized access to your accounts, even if somebody manages to steal your password. Here's how to do it.

Two-step, or two-factor authentication protects your accounts by requiring you to provide an additional piece of information after you give your password to get into your account. In the most common implementation, after correctly entering your password, an online service will send you a text message with a unique string of numbers that you'll need to punch in to get access to your account.

The idea is that you're drastically more secure if somebody needs both your password and the physical phone to get access to your accounts. Add a passcode to your phone, and you're safeguarded against someone stealing both.

Is it perfect? No. But it's way better than just irrationally hoping nobody ever gets a hold of your password.

Read the whole article and the "how to do" steps in the link:

http://gizmodo.com/its-time-to-enable-t ... 1646242605

... Mountaineer

Benko wrote:

Mountaineer wrote: I changed my Dropbox password this morning.  I also endorse two factor authentication for a second layer of protection if you have not yet done so.

... Mountaineer

I had to search to see what Dropbox was.  Am I the only only one who thinks keeping personal information "in the cloud", or on any website or website type of backup is a really bad idea?  As to the obvious question, no I don't use facebook except for minimally for events.

No, you're not the only one. However, I'm sure this is a very unpatriotic position to take!

I'm glad to see that my favorite password, LiBeRaLsSuCk wasn't on the list.