[06:19] it might be them trying to phase out older password storage formats [06:19] not that they couldn't do that without forcing a change [09:43] Yeah that makes sense. Assuming it was stored hashed in the first place, they may still want to improve it, eg. using a higher number of PBKDF2 cycles than had been initially used. [09:43] Good thinking. [15:43] *** Guest2203 is now known as pjs [16:09] facebook is down :) [16:16] Yay! [16:25] Huh. I just got the same email as nathani [16:25] It links to https://www.dropbox.com/help/9257?oref=e [16:26] Embarrassingly, it's right. I set that password on Sep 11, 2012 according to my password manager. Bryce should know better... But hey, at least U2F. [16:26] "we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. " [16:30] Well this was fun to sit back and watch https://blog.lastpass.com/2014/12/introducing-auto-password-changing-with.html/ [16:31] wtf... it just set it to one of my other passwords. [18:33] *** Nahual has joined #arpnetworks [19:01] *** dj_goku has quit IRC (Ping timeout: 252 seconds) [20:23] *** dj_goku has joined #arpnetworks [20:23] *** dj_goku has quit IRC (Changing host) [20:23] *** dj_goku has joined #arpnetworks [20:47] *** Nahual has quit IRC (Quit: Leaving.) [23:09] The most important takeaway and useful in general and hence the need for password managers in the first place: "However, if you’ve reused your password on other sites, you should update those passwords." ie: Dont re-use passwords