Change your old Amazon.com password for better security

Discussion in 'News' started by Fergal1982, Jan 30, 2011.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Jan 30, 2011 #1

    Change your old Amazon.com password for better security



    Amazon's allegedly got an security flaw where hackers can find your password much easier than they would otherwise, and there's already a fix in place. But get this -- you'll probably need to change your password for the fix to take effect, if you haven't already done so in the last couple of years. According to Reddit users, the Amazon.com login system will actually accept any phrase so long as it begins with your password, such as "password123" when the magic word is simply "password" by itself. That apparently makes it that much easier for a computer to guess your password via brute force methods, no matter how counter-intuitive that seems, so if you simply change it immediately -- and to something other than "password," please -- you'll have much sounder dreams.

    Source: Engadget

    I've Tested this myself, and it appears to work as stated!
     
    Last edited by a moderator: Jan 30, 2011
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
porta2_tags:

Comments

    1. ericrollo
      ericrollo
      I have tried this but it does not work for me.

      Maybe my account is not old enough.
      Jan 30, 2011
      #2
    2. Sparky
      Sparky
      Does not work for me.

      Just .com or is .co.uk playing up as well?
      Last edited: Jan 30, 2011
      Jan 30, 2011
      #3
    3. Trogdor
      Trogdor
      Thanks for the tip! Password changed. Now no one will know about that Hannah Montana DVD in my basket... Uh, ignore that last sentence please! :oops:
      Jan 30, 2011
      #4
    4. Fergal1982
      Fergal1982
      Worked on .co.uk for me. According to details from various people on Reddit (the original source of this from Engadget it appears), it only appears to be the case if your password was last changed a certain time ago (although there is no clear indication of the timescale involved). All I know is that it happened for me, and didnt after I changed my p/w.

      According to the notes, when it is happening, it is also ignoring case in passwords.
      Jan 30, 2011
      #5
    5. billyr
      billyr
      Thanks for the heads up, mine was also affected. Password now changed.
      Jan 30, 2011
      #6
    6. Theprof
      Theprof
      Interesting, although I don't have an amazon account, I have friends that do, I'll let them know. Thanks!
      Last edited: Jan 31, 2011
      Jan 31, 2011
      #7
    7. Notes_Bloke
      Notes_Bloke
      Just tried logging in to my account and adding extra digits on the end and it let me in:blink

      Safe to say the password is changed now.

      NB
      Jan 31, 2011
      #8
    8. BosonMichael
      BosonMichael
      I've got a mixed bag (.com):
      I tried logging in with extra characters at the end of the password and was denied access.
      I tried logging in by changing the case of some of the letters in my password and was allowed access.

      Fortunately, I've got a fairly complex password, so I don't think either would be a huge deal breaker for me.
      Jan 31, 2011
      #9

    Share This Page

Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...