Dropbox recently confirmed that a programming error briefly enabled access to any user's account, regardless of the password entered.

"The San Francisco-based start-up attributed the security breach to a 'code update' that 'introduced a bug affecting our authentication mechanism,'" writes CNET News' Declan McCullagh. "Access without passwords was possible between 1:54pm PT and 5:46pm PT yesterday, the company said."

"'This should never have happened,' Dropbox co-founder and CTO Arash Ferdowsi said in a blog post," McCullagh. "'We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again.'"

Go to "Dropbox confirms security glitch--no password required" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.