Entered into an eBay contact form.
Hi, Just a short note.
I am closing my account: the form that asks why didn’t really capture the true reason why I’m closing.
It’s not quite “identity theft”, but it is security-related.
I haven’t been using my eBay account, so I thought I’d set the password to something nice and *strong*. On the password change form, I noticed a 20-character maximum limit.
This was red flag no. 1.
Then I pasted a randomised password from a generator. The site complained I had forbidden characters.
This was red flag no. 2.
By placing limits on the size of password and its content, it is clear to me that eBay is *not* serious about making its systems truly secure, and that breaches like the one experienced recently will be a recurring event.
By hiding behind “proprietary encryption” it isn’t even serious about reassuring the public: good crypto doesn’t need secret algorithms to work well.
As there’s now very little I buy off eBay, I feel the time has come to say goodbye. If you ever do get your act together, I might consider returning, but until then, farewell.