PSN password resets exploited, accounts compromised again

This was just plain bad planning:

Just two days after the PlayStation Network was restored after a near month-long outage, the PSN password page has apparently been exploited. According to reports, the exploit allows other users to reset your account password using only your e-mail address and date of birth. This personal data was made available to hackers during the initial PSN attack.

It makes sense that someone could change their own password easily when logged into their account.  But when using a “I forgot my password” link, there should be more verification of identity than simply guessing a number and an e-mail address.

via Report: PSN password resets exploited, accounts compromised again.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s