Model Boat Mayhem

Please login or register.

Login with username, password and session length.
Pages: [1]   Go Down

Author Topic: Ebay again - security  (Read 4606 times)

Martin [Admin]

  • Administrator
  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 20,310
  • Location: Peterborough, UK
    • Model Boat Mayhem
Ebay again - security
« on: May 20, 2014, 12:59:06 pm »


Good old ebay!

Just spent a frustrating 2 hours tring to unlock my ebay account.
It now seems that deleting all your browser cookies and / or cache may well lock you out of ebay!
Apparently ebay are now using 'cookies' to track account security.

Ebay 'detected' my account was being hacked as it suddenly didn't recognise the I've ALWAYS used to logon to ebay and presented me a challenge code (sent via txt message), which, when entered,  promptly locked me out completely!
This was followed by hanging on the phone for 35 minutes, but after which the very friendly operator did unlocked my account.....after a security check that MI5 would be proud of!

I don't know what ebay has changed recently but if you regularly delete your browser history you stand a good chance of this happening to you too!


 1. Make sure your contact No. in ebay is up to date!
     www.ebay.co.uk  Home > My eBay > My Account > Personal information

Set cookie / site exceptions:


For Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

For IE: http://windows.microsoft.com/en-GB/windows-vista/block-or-allow-cookies

NB: Cookie - http://en.wikipedia.org/wiki/HTTP_cookie
Logged
"This is my firm opinion, but what do I know?!"    -   Mayhem FaceBook Group!

TheLongBuild

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 4,403
  • Build em, and play hard..
  • Location: Everywhere, But Nowhere !! But mainly in England....
    • Runcorn & District Scale Model Boats
Re: Ebay again - security
« Reply #1 on: May 20, 2014, 01:15:50 pm »

The way fleebay is going , you would have been better staying locked out.. :}

RAAArtyGunner

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 3,846
  • Location: Brisbane, Australia
Re: Ebay again - security
« Reply #2 on: May 21, 2014, 12:58:20 am »

The way fleebay is going , you would have been better staying locked out.. :}

 O0 O0 O0 :-)) :-)) :-))
Logged
Gunna build those other boats one day.

hmsantrim

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 735
  • Location: U K
Re: Ebay again - security
« Reply #3 on: May 21, 2014, 06:10:08 am »

The way fleebay is going , you would have been better staying locked out.. :}

 Should call it fleece bay now as they fleece from you every which way they can.  1 to relist you item and a 10% tax on your postage price quoted for you item. 
  Frank
 
Logged

TheLongBuild

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 4,403
  • Build em, and play hard..
  • Location: Everywhere, But Nowhere !! But mainly in England....
    • Runcorn & District Scale Model Boats
Re: Ebay again - security
« Reply #4 on: May 21, 2014, 06:28:31 pm »

Stavros

  • Guest
Re: Ebay again - security
« Reply #5 on: May 21, 2014, 06:30:35 pm »

EVeryone should change their Ebay password without fail
 
 
Dave
Logged

Martin [Admin]

  • Administrator
  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 20,310
  • Location: Peterborough, UK
    • Model Boat Mayhem
Re: Ebay again - security
« Reply #6 on: May 21, 2014, 09:33:34 pm »


Ahhh! that would explain it then!

http://www2.ebay.com/aw/uk/201405211741492.html
Logged
"This is my firm opinion, but what do I know?!"    -   Mayhem FaceBook Group!

Stavros

  • Guest
Re: Ebay again - security
« Reply #7 on: May 21, 2014, 09:54:28 pm »

Biggest joke is that they were hacked in feb and NOW announce it
 
Dave
Logged

Martin [Admin]

  • Administrator
  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 20,310
  • Location: Peterborough, UK
    • Model Boat Mayhem
Re: Ebay again - security
« Reply #8 on: May 21, 2014, 10:34:43 pm »

 
BBC: Yes, Prime Minister. Episode One: The Grand Design

Sir Humphrey: Freedom of information. We should always tell the press freely and frankly anything that they could easily find out some other way.
Logged
"This is my firm opinion, but what do I know?!"    -   Mayhem FaceBook Group!

NFMike

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,061
  • Location: Hythe, Hants, UK
    • Plague Marine Services
Re: Ebay again - security
« Reply #9 on: May 22, 2014, 12:20:47 am »

Biggest joke is that they were hacked in feb and NOW announce it
 
Dave
I'm more worried that it may only be now that they've noticed ....

RAAArtyGunner

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 3,846
  • Location: Brisbane, Australia
Re: Ebay again - security
« Reply #10 on: May 22, 2014, 12:28:41 am »

Biggest joke is that they were hacked in feb and NOW announce it
 
Dave

Why would we expect any better from fleabay they were hoping to cover it up and it would not get out.
Seriously, why change your fleabay password as that only protects your account, not fleabay. Wouldn't it be better to change your account and details etc.
For example, Hotmail has been hacked yet again and all those who lost their address books last time around and changed their passwords have to change them again, so what has changed nothing.
Fleabay have to upgrade their security systems and procedures but no that will cost money.
If a hacker is smart enough to crack their site do we believe changing my access pasword is going to prevent them hacking the site again>>>>>>>>>>>>
As per the saying "let the buyer user beware"
Logged
Gunna build those other boats one day.

richald

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,944
  • Retired and loving it!
  • Location: Driffield, East Yorks.
Re: Ebay again - security
« Reply #11 on: May 22, 2014, 05:31:49 am »

Not sure what's happening but I just logged onto my Ebay
account with no problems, and I wasn't asked/told to change
my password.

Richard

Logged
Senior member of the OGG (Order of the Grumpy Gits)
Membership Number : 002

Umi_Ryuzuki

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,172
  • Location: PDX, OR USA
    • Models and Miniatures
Re: Ebay again - security
« Reply #12 on: May 22, 2014, 05:43:59 am »

Not sure what's happening but I just logged onto my Ebay
account with no problems, and I wasn't asked/told to change
my password.

Richard

From what I have read, several employees with a lot of clearance had their corporate identities  hacked.
The breach of security was only just discovered. The employees clearance would have allowed
the hackers access to a lot of data and secure information including user passwords.

To be safe, it is recommended that you create a new password.
Like previous corporate hackings, there is the possibility that all the security holes
are not yet patched. So changing your password today is a good idea. However, it
 may be necessary to change your password again in the near future.

I hate changing my passwords, because it usually means I will forget my new password, and
have to use other procedures to access the accounts and create a password again.
I have a friend that works in a hospital, and they require a password change every four months.
He has a really hard time remembering his passwords.

So, as Martin mentioned earlier, before change your passwords, make sure you have your personal information up to date.

 :o

malcolmfrary

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 5,766
  • Location: Blackpool, Lancs, UK
Re: Ebay again - security
« Reply #13 on: May 22, 2014, 09:14:53 am »

Quote
If a hacker is smart enough to crack their site do we believe changing my access pasword is going to prevent them hacking the site again>>>>>>>>>>>>
It won't stop their site being hacked in the future, but it will stop attempts to use the information gained in the last hack.  In a previous hotmail hack, I only found out when I got a query from Martin asking why I thought he needed a supply of viagra.  Turns out they were using hacked accounts to send bulk email.
At least this time ebay have reacted publicly, maybe late, maybe not, with sensible advice about changing passwords.  It might be closing the stable door, and it won't stop the bad guys looking for another door, but it does make the information less useful.  The real problem for users is if they have used the same password elsewhere, those will need changing as well.
Logged
"With the right tool, you can break anything" - Garfield

Martin [Admin]

  • Administrator
  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 20,310
  • Location: Peterborough, UK
    • Model Boat Mayhem
Re: Ebay again - security
« Reply #14 on: May 22, 2014, 10:56:44 am »

 
Quote
I have a friend that works in a hospital, and they require a password change every four months.

My company it's every 30 days!!!

Changing Passwords tip: You can still use a version of your old password but add a few 'special characters'
                                  eg.  OldPassword     New#Password>[001]
Logged
"This is my firm opinion, but what do I know?!"    -   Mayhem FaceBook Group!

Big Ada

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 2,070
  • Location: Kent UK
Re: Ebay again - security
« Reply #15 on: May 22, 2014, 06:10:40 pm »

Not sure what's happening but I just logged onto my Ebay
account with no problems, and I wasn't asked/told to change
my password.

Richard



Try in your Messages.
I changed mine with no probs.

Len.
Logged

plug

  • Guest
Re: Ebay again - security
« Reply #16 on: May 22, 2014, 07:14:45 pm »

It now seems that deleting all your browser cookies and / or cache may well lock you out of ebay!

yes, got locked out but i won't be ringing them, i'll just let the account die.
Logged

essex2visuvesi

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 6,134
  • Location: Finland, England, Finland!
Re: Ebay again - security
« Reply #17 on: May 22, 2014, 08:45:28 pm »


My company it's every 30 days!!!

Changing Passwords tip: You can still use a version of your old password but add a few 'special characters'
                                  eg.  OldPassword     New#Password>[001]



30 days??? Luxury!!
My server admin accounts have to be changed every 7 days, have to be a minimum of 14 characters 2 of which must be upper case 2 numbers and 2 special characters (!&^ or something similar)
Then they wonder why we write them down!
Logged
One By One The Penguins Steal My Sanity
Proud member of the OAM  (Order of the Armchair Modeller)
Junior member of the OGG  (Order of the Grumpy Git)

NFMike

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,061
  • Location: Hythe, Hants, UK
    • Plague Marine Services
Re: Ebay again - security
« Reply #18 on: May 22, 2014, 11:25:46 pm »

The real problem for users is if they have used the same password elsewhere, those will need changing as well.



This is a good opportunity to break that bad habit and use different passwords everywhere.
One solution is a password manager like KeePass:
http://keepass.info/index.html


It will create strong passwords (random jumbles basically) and you don't have to remember them, just the one mega-strong job you use to open your database. For PCs most sites you can just drag and drop the user and p/word and on Android there is a similar feature. (I use a cloud sync to keep the PC and Android databases the same on my various devices.)

RAAArtyGunner

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 3,846
  • Location: Brisbane, Australia
Re: Ebay again - security
« Reply #19 on: May 22, 2014, 11:46:27 pm »

Aren't we, or am I missing the point.
 
My password has not been broken or hacked, it was obtained from the site, eBay's records by hacking into the eBay site, not my account, my personal details have also been compromised by eBay's lax site security.
 
It stands to reason that unless the site, fleabay drastically improves site security, which they will be loathe do as it costs money, us changing passwords solves nothing, except makes everyone feel good and false sense of security until the site is hacked again.
 
As I mentioned Hotmail has been hacked yet again and all who changed their paswords etc etc have to do so again.
 
Once again their address books and personal details have been stolen, so what did changing their passwords achieve Zilch.
 
The site security is the issue.

I dare say if everyone started closing down their eBay accounts then fleabay would fix site security pronto.
 
Can't even consider the financial loss to account holders who don't know to what extent it has happened until some time down the track.
 
Then try and prove fleabay was at fault.
 
Logged
Gunna build those other boats one day.

bj

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 180
Re: Ebay again - security
« Reply #20 on: May 24, 2014, 07:51:08 am »



This is a good opportunity to break that bad habit and use different passwords everywhere.
One solution is a password manager like KeePass:
http://keepass.info/index.html



There is another one called LASTPASS that seems similar, so the question is which one?
Has anyone an opinion or experience of either  of these?
Logged

NFMike

  • Full Mayhemer
  • *****
  • Offline Offline
  • Posts: 1,061
  • Location: Hythe, Hants, UK
    • Plague Marine Services
Re: Ebay again - security
« Reply #21 on: May 24, 2014, 11:51:18 am »


There is another one called LASTPASS that seems similar, so the question is which one?
Has anyone an opinion or experience of either  of these?

Yes, there are quite a few out there. Search for "password manager" and you'll get a big set of hits for both products and reviews/comparisons. Which one you choose really depends on what features you want, how techy you are and which one you trust.

Obviously I use KeePass and have done so for several years. Before that I used another free one but that stopped being supported and didn't use very strong encryption, so I went in search of others and chose KP. It's an open source project, has a lot of features (which I only use a few of), gets updated a few times a year and has both Windows and Android versions which I need. (They do Linux too I think, don't know about Apple - probably not).
If I was starting from scratch right now I'd be looking at all of them and so might choose something else - but this one works very well for me at present. If anyone has any specific questions then ask away, but it might be better to start a new thread if there is much interest.
Pages: [1]   Go Up