

But it's not as bad as it might sound. That's because around half the leaked passwords were protected with a strong hashing algorithm known as bcrypt. It takes plain text passwords and puts them through an algorithm that turns the credentials into nonsense, the resulting chunks of data known as hashes. The bcrypt maths does so in a way that makes it incredibly difficult to reverse the process and guess what hash matches what plain text. It's much more robust than other algorithms such as SHA1, a standard used to protect the other half of dumped Dropbox passwords.

In a statement emailed to FORBES, the Silicon Valley firm's head of trust and security, Patrick Heim, said there was "no indication that Dropbox user accounts have been improperly accessed." "We can confirm that the scope of the password reset we completed last week did protect all impacted users. Even if these passwords are cracked, the password reset means they can’t be used to access Dropbox accounts. The reset only affects users who signed up for Dropbox prior to mid-2012 and hadn’t changed their password since."
