Page 1 of 1
Change your Ebay Password NOW!
Posted: Thu May 22, 2014 12:55 pm
by FlyingPenguin
Even though Ebay says Paypal was unaffected, I'd change your Paypal password too.
http://arstechnica.com/security/2014/05 ... base-hack/
Posted: Thu May 22, 2014 1:02 pm
by darcy
I saw that yesterday but didn't have time to post { sorry,,, }; but i let hubby know 'cause he uses that quite a bit,,
Posted: Thu May 22, 2014 1:10 pm
by FlyingPenguin
Just wrote them a nasty email. They don't allow you to copy and paste a password into the change password dialog. That's really annoying for security conscious people like me. I generate a long (18+ digit) random password at GRC.com and copy and paste it into my encypted password file, and then paste it into the web page when logging in.
NOT fun typing in a random 18+ digit password by hand TWICE.
As an IT tech I can't see any rational reason for preventing copy & pasting. If they're worried about stopping some sort of automated attack, it's not hard for a hacker to just use a macro app that emulates keyboard inputs.
Posted: Thu May 22, 2014 1:26 pm
by darcy
I don't blame you; and you would know things better than most,,!
Posted: Fri May 23, 2014 9:53 am
by DaMaN
eBay should issue a SecureID fob for users.
Posted: Fri May 23, 2014 10:00 am
by eGoCeNTRoNiX
I think they did that at one time.. Or maybe that was PayPal.. But that was 10-15 years ago.. lol
Posted: Fri May 23, 2014 4:39 pm
by FlyingPenguin
eBay should issue a SecureID fob for users.
They do (it works on both Ebay and Paypal) and they still have it. I have the older "football" security key. The newer one is credit card size, and they can also text you a code to your cell phone if you prefer.
https://www.paypal.com/us/cgi-bin?cmd=x ... ide&bn_r=o
Posted: Fri May 23, 2014 4:49 pm
by Executioner
Yeah I still have mine I got years ago. Like FP, mine is also a "football".
Posted: Fri May 23, 2014 6:53 pm
by Nuby1Canuby
I was pulling out my hair trying to get my 50 character password to work on my new router last year.
FlyingPenguin wrote:Just wrote them a nasty email. They don't allow you to copy and paste a password into the change password dialog. That's really annoying for security conscious people like me. I generate a long (18+ digit) random password at GRC.com and copy and paste it into my encypted password file, and then paste it into the web page when logging in.
NOT fun typing in a random 18+ digit password by hand TWICE.
As an IT tech I can't see any rational reason for preventing copy & pasting. If they're worried about stopping some sort of automated attack, it's not hard for a hacker to just use a macro app that emulates keyboard inputs.