Major security flaw in Mobile Access?

The mobile Access option of my MyBookLive creates a 12 DIGIT huh? code which expires in 48 hours. According to This code would take 4 minutes for a desktop PC to crack. When downloading the app, all that is required is the code and I have full access to the files.

This is a MAJOR security flaw. All I have to do is run a script that is constantly pinging your server with every different combination of 12 digits, and I’ll have access to anyone who adds mobile access.

Can you guys please comment on this issue and immediately look to a solution that incorporates letters, and/or a symbol to make your product secure and not open everyone up to having all of their files stolen.

I do see that the codes are one time use, so that makes me feel safe about my data, but this means someone would have to immediately use their code to avoid being hacked.


I think will be better if you call WD directly to let them know about it.

WD contact info