6,937,081 usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.
I recommend that users turn on two-factor authentication and install a time-based, one-time password app on a mobile device.
To enable two-step verification:
- Sign in to the Dropbox website.
- Click on your name from the upper-right of any page to open your account menu.
- Click Settings from the account menu and select the Security tab, or click here for a shortcut.
- Under Two-step verification section, click Enable.
- Click Get started.
- For security reasons, you’ll be asked to re-enter your password to enable two-step verification. Once you do, you’ll be given the choice to receive your security code by text message or to use a mobile app.
- After enabling the feature, consider adding a second phone number that can receive text messages as well. If you ever lose your primary phone, you’ll be able to receive a backup security code to that number instead.
Or, move away from dropbox, I recommend using Google Drive, OneDrive, and Box.net.