I decided on a whim that it was time to change some of my passwords, as they had been in use for a long time and it was time for an update.
Visiting paypal I quickly logged in with my old password and after fumbling around I found the password change page, entered my password and easily discovered “security questions” and clicked the button to change password.
I already had KEEPASS running (Password manager, https://keepass.info) so all I needed to do was to tell it to create a password at 20 characters using uppercase, lowercase, numbers, space, and whatnot…
I copied in my old password and saw it represented by asterisks and then copied the new password from keepass to the clipboard before attempting to paste it into their field…
boom
Now I’m told that “for security reasons” they would like me to enter the password by hand – which basically means typing something like a&¤#"m^P#¤&^*ô&;MN4 without even seeing which letters you are pressing – because they are being “secure site PRO” and displaying the password you are entering as … asterisks…
I’m fairly competent at typing on the keyboard but I am not going to enter such a password without even knowing if I am entering it correctly.
But fear not, because due to this you can have a password like
“PaypalSUCKS12” and be secure. + its easy to remember and type.