Dropbox Password Goof Let Any Password Work For 4 Hours 185
tekgoblin writes "Dropbox confirmed today that for some time yesterday, any user's account was accessible without a password. The glitch was a programming error related to a code update and accounts were only vulnerable from around 1:54 pm PST to 5:46pm PST." "Only" is relative; as reader zonky puts it, "It took around 4 hours from deployment for Dropbox to notice they'd entirely broken their authentication scheme."
Re:Relax, it was only 4 hours. (Score:5, Interesting)
but fortunately there is no evidence of any unauthorized access.
Of course not, all the access where authorized by the faulty authorization system.