eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.
go to My eBay and open the Personal Information link.
To play safe, change the PayPal password also.
And change your secret question too, while you’re at it…
I just read about this and someone said change your paypal pw too if they’re linked …
done!
Done... and I used your password, 
.
Just joking...
What are they gonna do? Change my wishlist? 
Changed mine today using LastPass's password generator. I'm not taking any chances. BTW, I use different unique passwords for all my logins. You should do the same....
what can they do with your account?
NOTHING, if you don’t put personal details of your actual physical self out on the Internet!!! “But I’m afraid of someone stealing my valuable password!!!” And you think we don’t already have the ability to change your beloved password to something we feel like typing Really??? That “https” protocol prefix just tells the world you’re trying to hide something, and there are people “out here” who can decode https streams in their sleep. Really.
People are taking this whole “online presence” thing far too seriously. Just pretend the Internet is the Food Court in your local shopping mall, and everything you post, or copy to “the cloud” or E-mail or tweet or E-bank or whatever, is written in bold letters on a 4*8 sheet of plywood where everyone can see it. The only people who don’t see it are the ones too self-involved to notice, which is almost all of them!!!. If you are so narcissistic you just have to have your latest haircut posted on Faceplant, you really WANT someone to notice, so why would you hide your passwords etc.??? Show us your stinking underwear while you’re at it!
OTOH, if you keep your actual personal details to yourself, it won’t matter one whit if someone “hacks your password” because it isn’t “you” anyway!
Sheesh! “LOOK AT MEEEEE!!! LOOK AT MEEEEE!!!” The only valid “Facebook” entry is: “I’m typing at my keyboard.” Narcissistic Personality Disorder gave Paranoid Schizophrenia a “special hug” and Faceplant was born.
What Century was it, again??
Remember what Mr. Miyagi said: “Best defense, no be there!”
Dimbo the Blinky
Beating back the darkness, one foot-lambert at a time…
Do you remember the recent “HeartBleed” exploit? To recap, it worked by sending a “Watchdog” request to a Server, asking for (e.g.) 500 bytes with the word “HORSE” in it. The anticipation was that something interesting would be in memory within that 495 bytes.
So every “beLIEver” who rushed right out & changed their password? What they did was guarantee their new password would be in the Server’s memory, which means they’ve likely already given it away.
OTOH, if your password remained stored on Disk, and you didn’t change it, it wouldn’t be in the Server’s Memory and the Heartbleed bug wouldn’t be able to give it away!
This is not rocket surgery!! It’s really quite simple, it just takes a clear mind, actively thinking, to understand it perfectly well.
All I’m asking is that people stop beLIEving the Fear, Uncertainty and Doubt being sown on the nightly news and start KNOWING what’s right in front of you, like that tree you’re about to run into with your car while you’re busy updating your Facebook status on your “smart” phone driving down the road.
Lest ye fall into iniquity.
Nobody cares! At least not the people that matter. That’s what text messaging and actual phone calls are for.
Steve
Here is an easy way to do that for those of you who have trouble remembering them…
1) The first letter is always capitalized.
2) Followed by an acronym of something you knew/loved: Maybe a childhood phrase like “Tcjotm” = “the cow jumped over the moon.” This way, malware or an individual has virtually no chance of guessing.
3) The special character (_ or * etc) always follows the acronym.
4) The number follows the acronym and you go up by one each time a change is mandated. So Eceg_4223 would be 4224 on a change. That way, you always remember it, and the phrase helps with this.
5) Different sites use different phrases/acronyms: An adult site might use, say, “never take off the pants outside of home,” so the password would be: Ntotpooh_433. Not very hard to remember, either.
Practically perfect and uncrackable. Take it from a security pro! :cowboy_hat_face:
How the heck do you remember your passwords
I might start using password safe portable or something…
Have changed both ebay & paypal!
If ebay and paypal were not linked and have different passwords I should be ok, right? I changed ebay’s password already just in case
To play safe, changed the subject to include PayPal.
Thanks for the heads up. Just changed my ebay password.
The sad part, apparently this breach occurred in February. A brief message was placed on PP, but not eBay, then it was pulled altogether. But too late as someone noticed it and thats why we know at all. Damn Chine… of wait…
The real importance is not your eBay account. Its access to your address, DOB, Full Name etc. This is how a person begins the process of gaining an identity. From here you might get a utilities bill in your ‘new’ name, at a new address (or something simple). From there you combine what you have to get the next item, until you finally have enough ID to get a licence/passport or any other legit ID. There are people in the US that are after 2 yrs, still trying to fix their credit. The banks know the genuine person is innocent, but they need the dollar, and its your identity, the excuse is you should be more careful with your identity. Its not some lonely dude, its more organised. I can sell your data to someone that lives local to you, they fish your rubbish, and build on what they have about you. Think about how easy is to buy over the phone, the net, what do you provide as proof of ID? How do you get someone to talk to you on the phone about your account? They build profiles until one is sufficient to obtain an ID. Theres good money in it.
A simpler scam than involving banks is to hire cars, and never return them. Eventually you dump them but imagine the condition of it. Leases on whitegoods, then sell them. Your credit is damaged, and while eventually you PROBABLY will clear you name, it takes years, and costs you tens of thousands. People have gone from excellent credit, to poor credit, and in the end, they must rebuild as they are broke. Some will always have the poor mark in their history. Some have had to sell homes to pay legal fees. If it was easy to divest yourself of responsibility for debt, how many would scam by saying I never bought it, even if they did. Courts are not able to take your word for it, you must prove it. They arent claiming you bought X (that happened with the debt collector), youre claiming you never did (to repair your damaged credit). They dont have to prove you did, you need to prove you didnt you are the defendant.
Take your password very seriously.
And anyone who thinks this should be kept quiet is fooling themselves. Those who will do this, already know how its done. Its the innocent bugger who has no idea that gets financially raped by it. And if you think the courts cant, banks cant, I never did it, its their own faults etc. Youre half right. And one day, you will have your chance to make it so in court. But in the meantime, the banks and debt collectors act on the legal papers they have, and you get to pay your solicitor.
Anyway, heads up, or not.
Lastpass remembers them for me. I've been using it for years on my Mac and PC with the Chrome extension. It's safe and secure as long as your master password is strong. I use a combination of numbers along with a weird phrase no one can ever figure out.