October 10, 2008

Secrets Exposed: How to make eBay stop asking for your Security Key code

Posted in Beginner at 5:55 pm by gloriouscomputing

Did you get a security key from paypal? They are pretty neat. They generate a code that paypal (and also despite your wishes: ebay) will ask you for when logging in.

This is all good, until you lose said key. Paypal is up front about it: Lost your key? Cool, just jump through a few hoops, and we’ll never ask you for a key again.

Ebay, however, will not get the message. They will still ask for these codes, with no way of telling it that you wish to disable your security key.

That is how I had been locked out of my ebay account for a year now, with ebay support having only the following to say:

“Thank you for reporting that you were unable to sign into your eBay and
PayPal accounts with the PayPal security key. We were able to quickly
find and correct the problem.

Please accept our apology for any inconvenience this may have caused.

It is my pleasure to assist you. Thank you for choosing eBay.”

Of course, they actually did nothing. I mean, they did sent that same message to me about 20 times through the course of the year, but whenever I would try to login, there was the prompt to enter my code with no way to bypass it.

Even when I figured out a way to bypass this myself and decided to tell them how they could save other customers from having my troubles, they still ignored what I actually wrote and just sent that message back.

So, since ebay refuses to listen or fix this issue, here’s how you can:

Please tell the next person the steps required for solving this issue
than claiming the issue is fixed, when it is not:
1) Log in with Username/Password
2) Enter anything for the security key code
3) Repeat step 2 until you get the error “Maximum Tries Reached”
4) Click “Lost / Damaged Security Key”
5) Follow Instructions

That’s right! While the “Lost / Damaged Security Key” link doesn’t appear at the page that asks you for your security key, it does appear once you try to brute force the code. Isn’t that nice? They WANT you to try and hack your own code.