Following the news that Dropbox is resetting passwords that haven’t been changed since 2012, Charles Read, Regional Director – UK, Ireland and Benelux at OneLogin commented below.
In his comment, he describes the reset as a positive move from a vendor as large as Dropbox, but recommends implementing a single sign-on platform with SAML-based authentication services for a truly secure environment.
Charles Read, Regional Director – UK, Ireland and Benelux at OneLogin:
“The recent announcement that Dropbox is to force password resets on accounts that haven’t been reset since 2012 is a really positive move to come from a vendor as large as Dropbox. For consumers, it’s very common to see the same password being used for multiple services, despite contrary advice from multiple vendors. As such, the compromised LinkedIn credentials from 2012 could well be the same credentials that users still have for their Dropbox account, putting both themselves and Dropbox at risk.
“In the corporate world, utilising a password as the only form of authentication for multiple accounts is already considered weak security; however, we are yet to see consumers apply this approach to the protection of their personal credentials. By adopting two-factor authentication on top of regular passwords, it’s possible to significantly reduce the risk coming from compromised credentials. However, for a truly secure environment I would always advocate the implementation of a single sign-on platform with SAML-based authentication services, something that Dropbox has supported in its product for many years. Two-factor authentication can then be layered on top of this technology to entirely eliminate the risk associated with stolen credentials.”