If your Amazon password is over 8 characters change it!


This was taken from a Russian black hat hacking forum's news page.

I don't know if it's fixed, but I would update your password anyway.

A strange bug was discovered by one of the visitors to Amazon. When you try to log in, the system does not notice mistakes in the entered password and lets the user into the personal account.

According to the user who discovered the mistake, he could log in even if the password was entered incorrectly. The system "did not see" changes in the last characters if the password was longer than 8 characters. In other words, a user whose password was "iloveyouamazon" might as well log in by typing "iloveyoufacebook" or simply "iloveyou".

Most likely, the reason is that the password had not been changed since registration, which was a very long time ago, and as a consequence it is possible that the encryption algorithm for the old password is different from the new one. This problem can be solved by changing the password.
 
But if your password is under 8 characters, aren't you at even greater risk? Or am I completely misunderstanding? They still have to guess the first 8 characters, don't they? I really consider this a non-issue until someone better explains what the worry is.
 
If this is true, changing your password to under 8 characters wouldn't make it any more secure.
 
This is what I found:
Where the password can consist of 20 characters in any combination of any letters [a-z, non-case sensitive, therefore n and N are the same], and using numbers 0-9.

36^20 allowing repetitions for 20-character password.

Here's why: the first character can be any of 36 (26 letters + 10 digits). Since we can repeat it, the second can also be 36. So the first two can be chosen in 36×36 ways. Continue this reasoning up to 20 factors -- all 36s.

By the way, 36^20 =
13,367,494,538,843,734,067,838,845,976,576

This example does not include symbols or take into account upper and lower case characters.

1.) How does this make any sense?

2.) Didn't work on my account

3.) I'll keep my password as is thank you very much!

4.) As I said before, "This makes no sense!"
 
That's completely wrong
1. they aren't guessing the password letter by letter - that's not the way
2. the author is talking about the algorithm having changed because the passwords are too old, and it has changed in a way that if your password is more than 8 chars it is vulnerable to the exploit
3. if someone were to "hack" the passwords they would have to break into the database, take the encrypted passwords and start decrypting them, but just breaking into it in the first place requires huge resources since Amazon is a big company and has them, so I doubt anyone would even bother doing it and also taking the whole risk
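
The behaviour described in the first post, together with the search-space arithmetic later in the thread, as an added example that is not part of any post and is not Amazon's code. `legacy_hash` is a hypothetical stand-in for a scheme that only reads the first 8 characters; the record layout, function names and PBKDF2 parameters are assumptions made for the demo.

```python
import hashlib, hmac, os

LEGACY_MAX = 8     # assumption: the old scheme only looks at the first 8 characters
ITERATIONS = 10_000  # demo value only, far too low for production use

def legacy_hash(password: str, salt: bytes) -> bytes:
    # Hypothetical legacy scheme: input is silently truncated before hashing.
    return hashlib.pbkdf2_hmac("sha256", password[:LEGACY_MAX].encode(), salt, ITERATIONS)

def current_hash(password: str, salt: bytes) -> bytes:
    # Hypothetical current scheme: the whole password is hashed.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

SCHEMES = {"legacy": legacy_hash, "current": current_hash}

def make_record(password: str, scheme: str) -> dict:
    salt = os.urandom(16)
    return {"scheme": scheme, "salt": salt, "hash": SCHEMES[scheme](password, salt)}

def verify(record: dict, attempt: str) -> bool:
    # The scheme stored with the record decides how the attempt is hashed.
    expected = SCHEMES[record["scheme"]](attempt, record["salt"])
    return hmac.compare_digest(expected, record["hash"])

def change_password(new_password: str) -> dict:
    # A password change stores the new value under the current scheme,
    # which is why changing the password makes the symptom disappear.
    return make_record(new_password, "current")

def truncates(scheme: str, probe_len: int = LEGACY_MAX) -> bool:
    # Regression check: is a password that differs only after probe_len chars accepted?
    record = make_record("A" * probe_len + "tail-one", scheme)
    return verify(record, "A" * probe_len + "tail-two")

def search_space(alphabet: int, length: int) -> int:
    # Candidates for a password of exactly `length` characters.
    return alphabet ** length

def demo():
    attempts = ["iloveyouamazon", "iloveyoufacebook", "iloveyou", "iloveyo"]
    old = make_record("iloveyouamazon", "legacy")   # constructed sample account
    before = [verify(old, a) for a in attempts]
    new = change_password("iloveyouamazon")
    after = [verify(new, a) for a in attempts]
    return before, after

if __name__ == "__main__":
    print(demo())
    print(search_space(36, 8), "effective vs", search_space(36, 20), "nominal")
```

With truncation in place, a 20-character password from the 36-symbol alphabet used in the thread is only as strong as its first 8 characters, so the space an offline guesser has to cover is 36^8 rather than 36^20.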
 