Passwords compromised for eBay developers
11/08/2009 at 16:44
eBay have identified a possible security flaw and are requiring all developers update their passwords. This does not affect normal eBay users, just developers logging into https://developer.ebay.com/.
The developer blog reports that eBay have recently identified a means by which someone could have (not necessarily has or hasn’t!) gained access to eBay Developers Program account information. Details such as credit card details will not have been compromised and eBay say they’ve detected no fraudulent activity on developer accounts.
The new passwords must be 8 characters or longer, and contain at least 1 upper case letter (A-Z), 1 lower case letter (a-z), 1 number (0-9), and 1 special character (!@#$%*+-_.?). Quite frankly I’m surprised they don’t simply insist developers use the PayPal Security Key as that would wipe out any password security issues instantly.
Mark T says
6:58 pm on 11/08/2009
Problem is, the new password field is so sensitive, that you cannot create a password that it accepts.
For some users anyway.
Even if you use their “example”…
This is my experience and I will need to change my password soon, but cannot because of this issue.
Hopefully it is a temporary bug.
Mark
Barry Mann says
12:22 am on 12/08/2009
has crashed. Cannot delete tokens or make new ones. cant change password either. That means my suite of apps have stopped working. Bummer.
Mark T says
9:33 am on 12/08/2009
They are aware of some problems (copy of email):
Mark,
Thank you for your email regarding your inability to create a new
password. While we work on the issue, please attempt to use this
password: Devel0per! (I did this, but it did not work).
Also, please use a different browser to see if this helps.