Dropbox Accidentally Unlocked All Accounts For 4 Hours

Dropbox Accidentally Unlocked All Accounts For 4 Hours

Oops! Dropbox accidentally dropped the need for password authentication this past Sunday so anyone could log into anybody else’s Dropbox account with nothing but an email address.

This lasted four hours and, apparently, less than 1 per cent of users were affected, but this is just another reason why you should add an extra layer of security to the data in your Dropbox.

Dropbox Left User Accounts Unlocked for 4 Hours Sunday [Wired]


    • This is a major fail for dropbox and honestly a ding for the cloud industry as a whole. That being said, I still will stick with my current choice of cloud based storage – sugarsync and just trucrypt anything that is SUPER sensitive.

      Also, you can actually get 5.5GB of free storage for signing up through this link. Almost TRIPLE what you get with dropbox. http://bit.ly/SugarSync500MBBonus Smart move sugarsync!__.

  • A company offering services like this will get very few chances.

    I know everyone makes mistakes, but as far as I’m concerned they have one more shot. A second mistake like this and they will never see me again…

  • This is just the first of, I believe, many problems to come. The partnership with Sony is simply scary. I have 0% trust in Sony after the issues from the past few months, and by proxy, 0% trust in Dropbox.

  • I think the real lesson learnt from any of these online breeches (or online leaving-the-front-door-open) scenarios is that online, you’re data is never 100% safe. It is just like anything really, if you want it 100% safe, it shouldn’t be on the internet to begin with.

    • Could not agree more, no matter who the company be it, Sony, Dropbox, Visa, FBI if it’s online there is a chance it can/will get hacked and infiltrated if people want to. Simple as that, store your stuff offline and protect your data. I never backup nor store any sensitive data to the ‘cloud’ as I do not trust my data in others hands it’s that simple.

      The way I look at it, once you put data online it’s really no longer yours!

  • Why am I reading this on Lifehacker and not in an email sent by the Dropbox team?

    I’ve found Dropbox to be quite reliable so I don’t see myself changing to something else, but it’s still frustrating nonetheless.

  • Well, I never stored anything remotely useful/sensitive on my account anyway. Even still, I’ll probably never use DropBox again. Just out of principle, because they didn’t tell me. I had to find out from lifehacker.

Show more comments

Log in to comment on this story!