Printer-friendly version
Author:
I just tried to send bunce by Pay-pal. It is useless. They keep changing my password and I refuse to write it down because that is a sure way to get robbed. I used my card instead. Pay-pal is not secure if they keep wanting me to change my password every time I forget.
I managed to send some money direct to Janglewood - I think.
Comments
Thanks :)
I know what you mean about forcing password changes. And no one allows a password actually long enough to be really secure. We did get your payment.
Hugs,
Erin
= Give everyone the benefit of the doubt because certainty is a fragile thing that can be shattered by one overlooked fact.
Funny haven't needed a password change for years
I guess mine was just so complex.
And long.
Paypal
I wonder if at some time in the past an attempt was made by a hacker to gain access to your account?
If this happened, even though the attempt was usuccessful, it would make Paypal a little more cautious and ask you to change your password more frequently.
A lot of people were caught by the recent widely reported major hacks into well known international corporations and their details stolen. I was one, I was trawled by the people who got into Yahoo but received their warnings and did change all my passwords, quite a few as well. I also had a word with Norton, followed their advice and thus far haven't had a problem though Norton did intercept an attempt and let me know that it had been zapped before it had a chance to do anything.
The internet can be a dangerous place and to be honest, I know it's a nuisance at times, but I'd rather the people who handle my finances, banks, PayPal etc., erred on the side of caution.
Frances, (aka Secret Squirrel)
Frances
I let my browser remember mine.
I use PayPal all the time. I use Firefox and it remembers my password for me. Since my computer is password protected and it never leaves my house, I'm pretty secure.
I like PayPal because when buying online, the seller only gets my email and PayPal fills in my shipping information.
If you insist on logging in with a typed password, try shifting a name (first, middle and last) or a common phrase one key to the right or left and substituting a number or a punctuation mark for spaces.
Hugs
Patricia
Happiness is being all dressed up and HAVING some place to go.
Semper in femineo gerunt
Ich bin eine Mann
And finally, no more mandatory password changes
NIST, in a new draft document, no longer recommends periodic password changes. They finally realized it makes things worse, not better. We just have to wait for it to percolate down to the mainstream.
Not certain how securely...
that information on your browser is stored. Presumably, if one web page can access the cookie stored on your computer, it's not beyond the wit of a hacker to find it and then use it to access your PayPal account.
I use an open source password safe called KeePass. It will generate a long random password such as vhJne2XsdYTss2VEeJXL, and then store it securely. I only need remember one password (the KeePass password) to access any of the dozens of passwords I store inside it. I can either drag and drop the password from KeePass into the browser or copy and paste. The KeePass file locks shut automatically a minute or so after accessing it. And the file is stored on my computer and not on the cloud.
I have wondered
What if I changed a pin or password to something closer to my cyber-stalking enemies' guesses rather than further away? The only new password defence I can think of would be against some sort of key logging program, since the thing might be tracking repeated words, but if such a program had already got in wouldn't the system already be compromised?
Anyway, PP only wanted me to change it once, after a broken purchase attempt I made at work instead of at home. They wanted to phone a key number to me, but sent it home - where I wasn't :\
"Reach for the sun."
Do you mean...
make it easier for them to guess what it is? Eg using password as your password. Some people still do and those are the suckers who are getting hacked most.
I'd recommend KeePass for reasonable security which isn't too onerous - see my comment above.
What I meant
was, if someone/thing was running through possible combinations guessing a password, and would get to the correct one eventually, how do I know that my new one wouldn't be closer down the sequence? Just a random moment musing one time when once again one of my work passwords needed re-inventing.
Apart from the odd trivial internet access, my own passwords are written on paper kept out of sight rather than entrusted to bits in the machine. A lengthy comb through the mess of the house might eventually yield my various forum and web shop accesses. Thanks for the tip though.
"Reach for the sun."