Amazon... we have a (password) problem...

poodlehat writes: "I was on Amazon.com earlier today to check on an order I placed. I went to log in, and accidentally appended some extra characters to the end of my password. Me, being a lazy typist, decided to hit enter and re-enter my password on the inevitable login rejection screen. Well, imagine my surprise when the site let me straight into my account! I logged back out and intentionally typed something completely wrong in the password field and got rejected, so it it definitely only checking up to the number of characters in the stored password. This seems totally unacceptable to me — the two "keywords" should have to match exactly, right? Or is this behavior considered acceptable in the security world? I tried to find a technical contact at Amazon.com, the customer service page just doesn't feel like it would cut it on this one... anyone have a contact?"