You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Received 3 2FA emails in one minute, but 2FA was not enabled on my account
Hi all,
A strange thing happened today, I've received 3 emails in sequence with content:
Hi [MY FIRST NAME],
Finish signing in to Dropbox with this one-time security code...
Thanks Rich! Does that mean that the malicious actor entered the correct password?
Just FYI I changed my password after the incident and enabled 2FA. Also, there are no suspicious sessions/logins on my account (active sessions).
Nancy
Dropbox Staff
Dropbox StaffHey radenkovic!
Is there any chance that you had previously stored your Dropbox password somewhere that was accessible by another user/person?
If you don’t see any trace of another device/browser on your Security tab though, it means that no one else managed to log in to your Dropbox account.
Also, good thinking on resetting your Dropbox password/enabling 2FA; that should do it.
Nancy, thanks for your input! I don't have any files on that dropbox account and have decent security practices (using password manager, not reusing passwords etc), it may be that I'm compromised, but I doubt it, that's why I am checking.
Is it possible to check logs with timestamp from my first post and confirm that someone actually tried to login with correct pw?
- Walter
Hey radenkovic, sorry to jump in, but I just wanted to confirm that the email you received seems to have come from an official Dropbox domain.
Just in case, you can change your account's password as the one time code that was sent to you would indeed only be sent if the password entered was correct.
The only timestamps about this incident you can check are the ones from any email you may have received during that time while you could also check your account's Security page for any web sessions that you don't recognize etc.
I hope this helps!
Thanks Walter! I've already updated the password, second time this week.
There were no suspicious sessions on my account (also there are 0 files in my dropbox so nothing really to compromise).
Just to mention that I am well-seasoned with OpSec and worked on many anti-fraud/phishing/scam projects, and was genuinely worried if I'm targeted as a revenge or something. The password itself was brute-force proof and autogenerated (16+ chars, a-Z0-9 and symbols), not stored anywhere except in my password manager (I suspected that it was compromised but it's unlikely), no traces of malware on my computer, and no other accounts from the manager were compromised (although I changed all the passwords and moved to local pw manager).
