Amazon shoppers and Fire TV owners are ‘vulnerable’ and must tweak setting immediately as expert warns of costly attack
AMAZON customers are urged to take advantage of this sign-on trick to make their accounts more secure.
The online retailer introduced passkeys in October 2023, promising “an easy and more secure way to sign in to your Amazon account.”
A passkey is an authentication method that allows you to log into your online accounts without using a password.
It calls for information like your face or fingerprint – called biometrics – or a PIN code.
Compared to traditional passwords, passkeys are highly secure and harder, if not nearly impossible, to crack.
Amazon announced that users would be able to sign into their Amazon accounts the same way they unlock their devices.
Passkeys are easy to use, too. Simply sign into your Amazon account and head to the Settings panel.
Select “Login & security” and find “Passkey,” then click “Set up” and follow the instructions.
To get back into your account, enter your email address or phone number and select “Sign in with a passkey.”
Many cybersecurity experts swear by passkeys due to their enhanced security.
For starters, the authentification method is phishing-resistant due to being built on the WebAunth standard.
WebAuthn, which stands for Web Authentication, allows users to use registered devices as authentication factors to sign into their accounts.
The system utilizes public key cryptography, where a public and private key are needed to authenticate a user’s identity in tandem.
The public key is stored on a company’s servers, while the private is stored on the user’s device. This prevents you from disclosing your passkey in a phishing attack, unlike a password.
In addition to being phishing-resistant, passkeys also aren’t vulnerable to password-based attacks.
There is a certain level of danger when you repeat passwords across sites or use simple tricks like a name and birthdate, which experienced hackers can bypass with ease.
This risk evaporates when you use an authentication method like your face or fingerprint instead.
Passkeys also support two-factor authentication, which requires you to verify your identity using one additional factor apart from your username and password.
As they’re tied to the device on which they’re generated, the device itself acts as an authenticator.
This makes it nearly impossible for hackers to breach your account remotely.
STRONG PASSWORD TIPS – DON'T IGNORE THEM!
Here's what you should be trying...
- Use a Mix: Combine uppercase letters, lowercase letters, numbers, and special characters.
- Avoid Common Words: Steer clear of easily guessable words and phrases.
- Length Matters: Aim for passwords that are at least 12 characters long.
- Unique Passwords: Use different passwords for different accounts to enhance security.
- Passphrases: Consider using a series of random words or a memorable sentence.
- Memory Tricks: Use mnemonics or acronyms to remember complex passwords.
- Password Managers: Utilize password management tools to store and generate strong passwords.
Dave Treadwell, Amazon‘s senior vice president of ecommerce, said the company was aiming to give customers “ease-of-use and security simultaneously.”
“While passwords will still be around in the foreseeable future, this is an exciting step in the right direction,” Treadwell said.
“We are thrilled to be an early adopter of this new authentication method, helping to realize our vision for a more secure, passwordless internet.”