'An Amazon.com security flaw allows some customers to log in with variations of their actual password that are close to, but not exactly, their real password.
The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive.
For example, if your password is “Password,” Amazon.com will also let you log in with “PASSWORD,” “password,” “passwordpassword,” and “password12345.”
Wired has been able to confirm the flaw, which was first reported on Reddit. It appears to affect only older Amazon.com accounts, which have not had their passwords changed in the past several years.
Amazon did not respond to a request for comment.'
I am not a sheep, I have my own mind
I have had enough of being told what and how to think
Whilst we are still allowed the remnants of free speech,
I will speak out.
I also reserve the right to discuss less controversial matters should I feel the urge.
Pages
▼
Sunday, 30 January 2011
Is Amazon.com's security compromised?
Wired believe that to be so:
No comments:
Post a Comment
By clicking "Publish your comment" you indemnify NotaSheepMaybeAGoat and accept full legal responsibility for your comments