This year has given us plenty of reminders on the importance of password security. In August, a crime ring reportedly gained access to 1.2 billion account and password combinations, in early-October hackers gained access to data from the social media app Snapchat, and in mid-October hackers used stolen login information to access Dropbox.
Dropbox is commonly used among the W&M community, so it is important to note that the webservice has not been compromised. Hackers obtained login information from other sites, and were able to access Dropbox accounts because some people use the same account name and password for multiple sites. While Dropbox's security engineer explained in a blog post that your information is still secure, it is an important reminder that you should be very careful with your online passwords.
There are a few steps you can take to better protect your passwords:
- Passwords should be complex, and composed of both numbers and letters.
- Change your passwords often
- Do not recycle passwords between services - every service you use should have a unique password. You can use password managers such as Last Pass to avoid memorizing.
- Whenever possible enable two-step verification, which sends you a text message containing a validation code you must enter before completing your login. A hacker without access to your phone will not be able to log in, even if they have your password.
- Never share your passwords and beware of phishing attempts.
Please read through our password security page to learn more about creating complex passwords.