Monday, January 31, 2011

Amazon customers with older accounts should change their password.

Some of the customer accounts at appear to suffer from a password security flaw, writes Wired's Dylan Tweney. The flaw, which only effect accounts that have not had the password changed in a long time, could allow a person to log in to the account using several variations of an eight-character password.

"The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive," writes Wired's Dylan Tweney. "For example, if your password is 'Password,' will also let you log in with 'PASSWORD,' 'password,' 'passwordpassword,' and 'password12345."

Full Report Here: Security Flaw Accepts Passwords That Are Close, But Not Exact

The Fix:
If you haven't changed your user account password in a very long time, it is suggested that you log in to your account a change it immediately. You can even use the same password if you like. Simply navigating to the password management area and retyping in your old password will correct the issue.

About Black Knight

I am a computer repair technician with over 15 years experience and have been computer security and information privacy enthusiast for the last 4 years. I've helped literally thousands of individuals fix their issues by offering help through various blogs and Facebook pages. I like teaching myself and others new things, and believe in freely sharing knowledge.

No comments:

Post a Comment