How safe is Paypal?

roamer

I set-up a paypal account recently and I was just thinking seen as my card details are in there. If someone, knows my email address is it not just a matter of them getting my password and getting access to my credit cards?

Webmonkey

I don't think you can actually see the credit card number if you log in. You might only be able to see 4 digits of it

dmeehan

its safe, your complete credit card number is not displayed, only the last 4 digits

log in yourself and try and find your credit card number!

roamer

still though if someone knows my password they can still transfer the money from the paypal account, right? Should there not be better verification like a secret question or sumthin...

beller b

Kinda the same as logging into your bank or credit card account really???
simple solution don't give anyone your passwords

Lemming

roamer wrote:

still though if someone knows my password they can still transfer the money from the paypal account, right? Should there not be better verification like a secret question or sumthin...

By the same logic ...

"How safe is an ATM to use?"
"How safe am I using a credit card"

Pot. Meet Mr.Kettle

Paypal blocks out your number (except for the final four digits). And as for people getting into your account? Don't give out passwords since it's both incredibly ___F*CKING___ dumb and against the Terms & Conditions anyway, or make your password blindingly simple/obvious either.

axel90

It's safe just don't reply to emails which want you to log on to do something....always log on only at www.paypal.com

Webmonkey

axel90 wrote:

It's safe just don't reply to emails which want you to log on to do something....always log on only at www.paypal.com

Funny that, just got an email claiming it from paypal trying to get you to log in. Basta*ds. its an IP address

Sparky

and thats why paypal advise you to change your password every so often
80 days i think, mines incredibly long

Password Safety

• Never share your PayPal password: PayPal representatives will never ask you for your password. If you believe someone has learned your password, please change it immediately and contact us.
• Create a secure password: Choose a password that uses a combination of letters, numbers, and symbols. For example, $coo!place2l!ve or 2Barry5Bonds#1. Avoid choosing obvious words or dates such as a nickname or your birth date.
• Keep your PayPal password unique: Don't use the same password for PayPal and other online services such as AOL, eBay, MSN, or Yahoo. Using the same password for multiple websites increases the likelihood that someone could learn your password and gain access to your account.

Email Security

• Look for a PayPal Greeting: PayPal will never send an email with the greeting "Dear PayPal User" or "Dear PayPal Member." Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account. If you believe you have received a fraudulent email, please forward the entire email—including the header information—to spoof@paypal.com. We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.
• Don't share personal information via email: We will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in to https://www.paypal.com/.
• Don't download attachments: PayPal will never send you an attachment or software update to install on your computer.

Use Your Account Wisely

• Don't share your account: Don't use your PayPal account to collect or transfer money for someone else. These types of activity are often conducted as forms of money laundering or mail fraud and may result in significant criminal penalties. If someone contacts you and asks you to transfer money on their behalf, you should deny the request and contact us immediately.
• Increase your security: Become a Verified PayPal member.
• Look for legitimate sites: Examine all privacy and security seals before doing business with a particular website and make sure they are legitimate.

Khannie

Sparky_S wrote:

mines incredibly long

Fnar fnar.

No, but seriously, very long passwords (> 10-15 characters) aren't that necessary. Once you use non-words and / or special characters.

E.G.

$pecialP@ss

would be practically unbreakable. Misspelling also helps. SpeshalP@ss would be good too. In fairness, the likelyhood of a brute force attack on a paypal account is low. AFAIK, paypal has never been compromised in this way.

Lump

Don't leave £20,000 resting in your paypal account.

John

Hobbes

axel90 wrote:

It's safe just don't reply to emails which want you to log on to do something....always log on only at www.paypal.com

That link doesn't go to paypal! :eek:

Btw, personally your money is safe unless your dumb enough to believe the Phish mails. However based on paypals history I would be very reluctant to put any large sums of cash in there as they have been known to lock peoples accounts and basically keep the money for the most assinine of reasons.

For example I can report you (without any proof) and they will quite happily lock you out of your account for 1-3 weeks.

Hobbes

Khannie wrote:

$pecialP@ss

would be practically unbreakable.

Pretty sure something like that would be in a dictionary file. You would be better off making it totally garbage.

like "totally garbage"
"ttly-grae"
"$Ttly-Gr43$"

That would be pretty secure. Barring any keyloggers.

ambro25

Use a Keygen (any, but preferably one for an application with a small-ish S/N or CD key, i.e. 8 or 10 alphanumerical digits) and a password-protected MSWord or somesuch file in which you copy/paste everytime you change it.

Don't let windows 'remember' your login details, open the Word file and copy/paste in the login page everytime you want to log in. Unless only you can access the PC in question (i.e. your personal PC in your room which noone else can touch-kinda thing) of course.

I'm not paranoid - I just know everybody's after me

Khannie

Hobbes wrote:

Pretty sure something like that would be in a dictionary file.

Nah, I've looked through the dictionary files to see what I should avoid. It would need to be in a crack progs algorithms. Point taken though not the uber-est password ever but it would require a fair level of algorithmic complexity to break it. Misspelling + special characters ftw IMO.

Ruu_Old

change your password every 3 months. and yes make it really long. make sure you login to "https/www.paypal.com" because thats secure.