Amazon has become the de facto vendor for just about everything in my life. As such, they have all my address and the information for 15 of the 17 or so credit cards I own. If they had a major security breach with their password protection, that would be a big, big problem.
Well, crap. Turns out they do, and it’s embarrassingly and awkwardly simple to bypass.
For some reason, Amazon is only concerned with the first eight digits of your password. That’s right. Your password could be “spaceballsluggage1234″ and none of that would matter. If a hacker tried to get into your account, they could use “spaceballsiscriminallyunderrated” or “spacebalpoopypantsmcfarter.” Or just “spacebal11.”
Amazon would accept any of those answers and let someone log into your account.
If you’ve used Amazon at all, you know that this is a full-blown nightmare because a) they have tons of credit card information, b) you can buy basically whatever you want on Amazon, so if someone gets a hold of your account, you’re screwed and c) you’re probably as worried about passwords as everyone else on the planet, so it’s the same phrase, etc., as you use on your bank account.
The good news is that you can stop worrying about this simply by cruising over to Amazon and changing your password. Once you do that, even if your account was old enough to be vulnerable, it won’t be anymore.
No comments:
Post a Comment