`
First eBay got hacked, then it took an age to place a notice about that on its front page. Perhaps the ineffectiveness of that delayed tactic explains why it is now pursuing yet another tactic: forcing any users who have not changed their password to do so.
eBay announced the latest better-late-than-never move on its noticeboard:
Over the past two days we have been contacting all eBay users asking them to change their passwords. If you haven’t yet changed your password, at some point you will be prompted to do so when you login or before you complete a transaction. If you changed your password on May 21 or later, we do not need you to take any additional action at this time.
Timing these activities doesn’t seem to be eBay’s strong suit: just as it couldn’t guarantee when users would receive emails about the issue (mine only showed up yesterday), it only says this change will happen “at some point”. The sooner, the better.
Comments
8 responses to “eBay Hack: Now You Will Be Forced To Change Your Password”
Yup, me too… Replied to there prompt “why the hell are you just telling me now? I changed mine days ago. NOT HAPPY”… 🙂
Great… Has to be email verified, been waiting goddamn 30 mins for the email.
So badly handled….
Didn’t have to confirm my password change… Must be something they added to make it look like they give a shit, then poorly implemented it, thus proving they don’t… 🙂
Next day, still no email, but my account is half way through a password change so un-usable…
I’m trapped in a change password loop.
I’ve now changed it 3 times and I keep getting forced to change it again.
[“password1” usage intensifies]
In the loop too, since the password change became mandatory, if all goes smoothly thats great… but if you run into the “Sorry tech difficulties” glitch, (as in my case), your locked out of your account, tech support is unreachable, and ive heard rumors of suspensions upon contact, … i wonder how many thousands of buyers are now locked out, or worse sellers with running auctions …..great move ebay.
I don’t think it’s that compulsory to change passwords. If they are truly so serious about users’ security, they would have actually done something about it beforehand.