I just heard on NPR about a security breech by hackers at eBay. Now the company’s telling everyone to change their password on eBay. How do I change my eBay pw quick and easy?
Ah yes, if it’s Wednesday there’s another security problem on the Internet. It’s not going to stop, you realize, and what we’re seeing is the increasing level of sophistication of hacker groups and companies. Fact is, security experts have long been saying that the only way to keep data truly secure is to never have it on the Internet in the first place. Problem is, the cost of doing that is high, when we don’t have “one click”, loyalty programs and customer tracking, the things that make shopping online so easy and satisfying.
The latest company to feel the pain of a major security failure is eBay, and you’re right, within the last 24 hours they have indeed come out and warned every single user that their account credentials might have been compromised and that it’s time to change your password on the popular auction site. Again.
But the real problem is that it’s a pain to remember dozens — or hundreds — of different passwords so we all tend to use the same password or two across all the sites. Which means if it’s compromised on one site, you really should change every site that uses that password, not just that one. Ugh. Indeed. It’s why passwords unto themselves are obsolete. What’s weird is that eBay’s PayPal site has a well-implemented 2-factor authentication [see: Enable 2-step authentication for PayPal security] but eBay itself is still missing this modern security feature. Odd.
Since I can’t fix these problems for everyone, let’s just look at how to change your eBay password. Start by logging in to your account on the site, then along the top look for your name, then move the cursor over that spot:
Choose “Account settings”, as you can see I’m poised to do in the above picture.
Then choose “Personal Information” on the left side under the “Account” tab. The result:
You can see that the third option down on the right side is Password.
That’s the one! Choose “Edit” on the far right and you’ll need to enter your existing password again to proceed:
Assuming you haven’t forgotten your password in the intervening minute or two, you’ll see this:
As always, upper case, lower case, digits, punctuation, it’s all beneficial. The harder it is to remember, ironically, the better the password is. Of course, then YOU need to remember it, but that’s another story.
Enter your current password and the new password twice, then click “Submit”.
That’s it. You’ll get a brief confirmation:
Done. Now you’re safe from this data breech. The next one? We’ll have to just hope (and choose complex passwords!)
Ebay won’t recognize my username.
I have two . . tried both and with both said I forgot my password.
Ebay couldn’t send a password to either account because it did not have the user name on file.
I know both usernames and passwords. Ebay does NOT!
Do you think the hackers are changing them too?
I doubt that hackers would change a user name. Are you *sure* you have it spelled properly and that you’re at the actual eBay home page, not a phishing page? Try borrowing someone else’s computer to try logging in. Good luck.
Hello Dave
On 21st May, after hearing of the eBay problem, I changed my passwords on my own accounts. The process was exactly as you describe in your article. No problem.
However, the process now seems to have changed (!?). Either you can click on the special Password Reset button on the homepage or proceed as before to reach the “Account Settings | Personal information | Password Edit” screen.
From there on, whichever way you get to that stage, instead of being asked to confirm the existing login details to access the “Change your password” dialogue, you’re presented with a screen asking for the registered e-mail address for that account. Entering the necessary info generates a “reset password” e-mail, delivered with a reset link (!!) to your inbox that then takes you to the dialogue to change your password.
Is that correct? Do you see these changes too?
Thanks.
I wonder if eBay’s changed things because of the breakin? I’d keep an eye on the SSL certificate: If at any point you are no longer on the secure and certified eBay server, bail out and try to figure out how you got subverted?
Dave,
I have tried and tried to get into my ebay account and change password. Nothing happens for me and I am so tired of trying.
Garnet
Hi Dave – Ebay has yet to contact me in any way. Does that mean my information wasn’t hacked, or that they did not in fact contact ‘everybody’? Thanks
Otto, seems like they’re really slow in contacting people. Took me days before I got a note from them…
I started the process to change my password. Ebay asks you to enter your original password, then the next screen is in German! Is it legitimate? Is Ebay just overwhelmed and asking too much of its servers? Or is someone hacking into EBay and taking advantage of an unfortunate situation?
Hi Dave,
Thanks very much for this. It seems all we’ve been doing the past few months is changing passwords! 🙂
I’ve got several accounts (including eBay) I haven’t used for years. When I tried to log in to eBay yesterday it would not accept my login information. Does that mean they’ve deleted my account? I hope so.
I had the same problem with several other accounts which I haven’t used in years. One of the companies said because of my non-use they deleted the account. Is that a standard practice?
Thanks, Dave.
Try the password recovery feature, John. That’ll let you know if you have an account or not. 🙂
Thanks very much, Dave — I hadn’t thought of that.