If you've been using Dropbox for over four years and you haven't changed your password since then, then two things are true. One, you haven't been reading Lifehacker very long. More importantly, two: Dropbox is about to make you change it. The company is currently sending out emails to users with accounts older than 2012. For those who don't recall, back in 2012 Dropbox reported that leaked usernames and passwords from other sites were used to login to some Dropbox accounts. Now, the company has found some more accounts related to that list. As a safety measure, the company is simply advising that everyone with accounts older than the hack change their passwords.
Once again, this highlights some basic password safety everyone should follow. Specifically:
- Never use the same username and password on more than one site.
- You don't always have to change your passwords regularly, but you should at least change them after major attacks.
- Enable two-factor authentication.
- Use a password manager to generate unique passwords you don't know and store them for you.
If you get Dropbox's email, you should change your password immediately. If you don't, it still probably couldn't hurt but it might not be necessary. As always, use good security habits and hopefully your stuff won't be stolen.