After the eBay database breach, all users are being asked to change their passwords. However, many people are rightfully complaining that the password reset form prevents them from pasting into the form fields, which makes it difficult to use long, complex passwords. Although, there has also been much criticism of eBay’s password length and complexity requirements being too lax.
Ars Technica has a good article at After the breach: eBay’s flawed password reset leaves much to be desired describing the various flaws.
In changing my own password, I was determined to use a complex password that was the maximum length (20-characters) and to ensure that the password was correctly recorded, I needed to be able to paste that password into the form fields.
The instructions below are for Chrome on Windows, but this should be similarly possible in other browsers:
- You should now be able to paste into the password input fields (but be mindful of the 20-character limit).
- Submit the form.
If you happen to enter more than 20 characters, the form will be submitted successfully and your password will be successfully changed, but the password will be truncated to the first 20 characters.
For those of you who reluctantly used a less secure password due to the limitations of the form, hopefully this allows you to reset your password again and use a more satisfying password.