It's been revealed that Sony's password reset system for PSN is rather less secure than the company hoped, thanks to yet another exploit.
Yesterday evening,Nyleveia came into contact with an individual who claimed they would be able to reset a user's PSN password using only two pieces of information: an account email and date of birth. These are two of the pieces of information which were compromised in last month's PSN hack. The exploit worked, and Nyleveia lost control of its dummy account within a minute of providing the contact with the information requested.
Since the vulnerability in the password reset system was revealed, Sony has taken down web-based PSN services including account sign-in and password reset, though customers can still sign in using their console.
While the exploit is fixed, it's recommended that PSN users create a new email address just to use for PSN, and reset their passwords at the first opportunity.
And there you were thinking it was all over...
This article originally appeared on GamePro.com as PSN Password Exploit