Amazon.com Security Flaw Found
The flaw allows customers to log in using several variations of an eight-character password.
A security flaw was recently uncovered that allows customers to log in using several variations of an eight-character password.
"The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive," writes Wired's Dylan Tweney. "For example, if your password is 'Password,' Amazon.com will also let you log in with 'PASSWORD,' 'password,' 'passwordpassword,' and 'password12345.'"
"Wired has been able to confirm the flaw, which was first reported on Reddit," Tweney writes. "It appears to affect only older Amazon.com accounts, which have not had their passwords changed in the past several years."
Click here to read the Wired article.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.