- Jan 11, 2001
- 28,830
- 17
- 81
Ok, after my discussion with ebay support over my Active Security Key See HERE for my rant and arguing with ebay support over the obvious hole in said security, I want to understand better how these work/are supposed to work. One MAJOR flaw I see now is with the ebay change password system. I put in a request to change password and ebay send me a link via email. Using this link I changed my password without knowing the Active Security key and ebay let me right in, didn't even ask me for the key.
I have a SecurID for work and no matter what I cannot access our network without it. It randomly generates a new number every 60 seconds or so and that coupled with a password should keep an account reasonably secure. This is what the Paypal key is SUPPOSED to do I'd assume. Somehow someone managed to gain access to my ebay account without it. Even IF they had the key, they would have to get access to my password. How in the heck did they get in?
I have a SecurID for work and no matter what I cannot access our network without it. It randomly generates a new number every 60 seconds or so and that coupled with a password should keep an account reasonably secure. This is what the Paypal key is SUPPOSED to do I'd assume. Somehow someone managed to gain access to my ebay account without it. Even IF they had the key, they would have to get access to my password. How in the heck did they get in?
Facebook
Twitter