I got a polite email from ebay yesterday explaining that they had mislaid some personal details and that it might be a good idea to change passwords. Not sure exactly what the concern was, given that the mislaid details only included the encrypted passwords, not the passwords themselves. Could the bad people have broken the encryption? Were there enough personal details which were not encrypted to let the bad people break into one's account through some side door? Why, if the data was mislaid in March, was a password change in April not good enough? Who knows, but it seemed prudent to take their advice as there are links of some kind between ebay, paypal and my bank account.
And while I was at it, I thought it best to give all my important accounts the benefit of a password refresh, a process taking two or three hours spread over two days. All very tedious.
As one would expect, the change password process varies quite a lot from service provider to service provider. One was very weak, not even requiring one to type the new password in twice. Most serious providers either send you an email saying the password has changed (without saying what it has changed to) or a text. Some do both. Along the way I noticed something wrong in one account and fixed that and then, overly confident, got completely lost amongst the mysteries of something called Google Plus, something which I have hitherto avoided, it being full of jargon like 'hanging out' which I have never gotten used to and certainly don't use.
However, all done now. Quick peek at Norton and Malwarebytes to make sure they are all quiet and peaceful and I can move onto breakfast. Perhaps to ponder on for how long I will need both, the last scan of the latter having picked up maybe 20 slightly bad things which the former had not blocked.
PS: I wonder if ebay staggered these mails. Doing the A's on day 1, the B's on day 3 and so on, to reduce the load on the password changing bit of their systems? They wouldn't have wanted to compound their error with poor service from an overloaded system. Or do they have so many servers that thousands of password changes a second present no real challenge to them? I think of some statistical colleague at Ebay HQ feeding data into Excel and drawing nice graphs of the numbers of password changes by minutes and seconds.
No comments:
Post a Comment