No. You can put anything you want in text or graphics on the screen. You need to send people to a secure amazon.com login page and pass an OAuth token.
I agree. If my Amazon credentials are stolen, here's what I have at risk:
- My credit card details (multiple)
- Shipping / billing addresses
- My private order history 5+ years
- Access to all my AWS instances
- Amazon Cloud Drive data
- And I'm probably forgetting a few...
With that being said, even services like Mint.com require handing over your bank's password to them even today. It's really not a good practice even if they are stored securely.
Tried Shelfflip, minutes later received this email from Amazon:
"Your Amazon.com password has been changed"
This is an important message from Amazon.com.
As a precaution, we've reset your Amazon.com password because you may have been subject to a "phishing" scam.
Here's how phishing works:
A scam artist sends an e-mail, which is designed to look like it came from a reputable company such as a bank, financial institution, or retailer like Amazon.com, but is in fact a forgery. These e-mails direct you to a website that looks remarkably similar to the reputable company's website, where you are asked to provide account information such as your e-mail address and password. Since that web site is actually controlled by the phisher, they get the information you entered.
Go to amazon.com/phish to read more about ways to protect yourself from phishing.
To regain access to your Amazon customer account:
1. Go to Amazon.com and click the "Your Account" link at the top of our website.
2. Click the link that says "Forgot your password?"
3. Follow the instructions to set a new password for your account.
Please choose a new password and do not use the same password you used with us previously.