UPDATE (07/11/12) – Fresh reports, some directly from PayPal, now suggest that the attack described in the article below was not directed towards PayPal and instead was directed towards a company called ZPanel. Many of the leading news organisations are now reporting this retraction and therefore the original claims are not accurate. However changing your password regularly and choosing a good password are still important messages so the information below is still of use and therefore we will continue to make this article available for people wishing to stay safe.
On the 5th November Anonymous claims to have leaked 28,000 passwords from PayPal as part of a day of protest to mark Guy Fawkes night.
Hacktivists uploaded many thousands of Email addresses, names and passwords taken from the PayPal systems. Various news sites are reporting this event and so we thought it would be useful to add a quick article helping people to change their passwords if they were worried about there PayPal account security. Please find below a brief description of how to change your PayPal password and also below some advise and guidance regarding choosing a strong password that is easy to remember.
Advice and Guidance Regarding Better Passwords:
Before you go to change your password think about how you are going to secure it. Also think about how that each of your passwords should be different because if your PayPal password is compromised, then the next easiest attack is to go after your other accounts which you may be using the same password – Twitter, Email, website maintenance, bank accounts, etc. These few tricks can help you make a better password:
If you must use the same password, change how it ends. For example if its for Email and my normal password is ‘thingy’ then why not use something like ‘thingy-EmaiL515’ which is broken down to normal password + hyphen + function name with upper and lower case letters + 5 for first word number of characters + 1 for the hyphen + 5 for the functional number of letters. Although this sounds complicated, once you start using this kind of format it becomes very easy to come up with new passwords.
A second favourite is to come up with a phrase like “I love to eat chocolate 7 days a week.” – and turn this into a password by using the first letter from each word. The password for this example would be ‘Iltec7daw.’ – not so easy for the hacker to break into. Any phrase will do, where you live, what you drive, things you enjoy doing – the list is endless.
One last and important factor to note. If you can add the UK £ sign into the password this increases your resistance to attack significantly. Most password hacking tools are not developed in the UK but abroad. We are one of only a few nations that have this symbol on our keyboards and therefore the attack dictionaries very often do not support the character and therefore will find it significantly more difficult to attack your password – put one in as the separator or at the end, it will help a great deal.
Change your PayPal Password
Follow these simple steps now to change your PayPal password, remembering the advice from above:
If you know your current password, you can change it from your PayPal account profile page by:
1. Log in to your PayPal account.
2. Click My Account at the top of the page.
3. Click Profile at the top of the page.
4. Click the Password link in the Account Information column.
5. Select Password.
6. Click Edit. You may be required to confirm your account information.
7. Enter your current password.
8. Enter your new password.
9. Click Save.
If you do not know your current password, you can create a new password by confirming your identity by:
1. Go to the PayPal homepage.
2. Click Problem with Login? in the Account login box.
3. Enter the email address registered on your PayPal account.
4. Enter the characters shown in the image in the text box.
5. Click Continue.
6. Confirm your account information and click Continue.
7. Verify additional account information and click Continue.
8. Enter and re-enter your new password and click Submit.
If you have a support contract with us please get in touch and we will be happy to assist you directly with this and any other security issue you may be experiencing. Alternatively, if you wish to contact us for further ways we may be able to help, all of our details can be found by clicking the button below or on the “Contact Us’ page. We hope you have found this brief article helpful.