PayPal Community

j_a_s · ‎Aug-26-2020

I've been dealing with customer support all day over this issue and they say they can do nothing but I want to raise it here as well since it's a major security flaw. Paypal is a financial site and therefore security controls should be very strong. I always log out whenever I complete a transaction and I never click the "stay logged in" button that's always presented. Now, every time I log in, I get an email saying "We've made it easier for you to check out with PayPal. Since we recognize this device, we'll automatically log you in so you can skip typing your password at checkout! ... If this is a shared device, or you don't want us to automatically log you in, we recommend that you turn this feature off." I go in and manually turn the feature off. Then the next time I log in to make a transaction, I get the same email again, the feature is re-enabled again, and I have to go in to manually turn it off again. This is totally unacceptable. I'm the only one who should be able to determine if my device is trusted and and if I want to enable auto login. I was told that there's nothing they can do and that I'll simply have to manually disable the feature every time. This is a major security flaw and it's a big deal. I was told that my concern has been escalated but I'm posting this here in the hopes of raising the visibility of this issue. Thanks.

denniz1 · ‎Nov-05-2024

you must know this security hole has been left open for a reason why reply with rubbish isn,t it better to be honest and just not reply

EilaGoss · ‎Dec-11-2021

Is this the issue? No password required? Options EilaGoss New Community Member Posted on ‎Dec-10-2021 10:48 PM When using Ebay the PayPal payments are going through without my having to put in a password. Why? Is there a way of stopping this?

j_a_s · ‎Dec-11-2021

Once you log in you have to actively log out otherwise you'll stay logged in forever. Every time I do a payment, I have to go into PayPal and log out. You shouldn't have to take that extra step - the system should automatically log you out when you leave or time out after a certain length - but it doesn't. That's a separate issue from the auto-login problem. It's shocking that a financial company doesn't take the most basic security precautions.

EilaGoss · ‎Dec-12-2021

Thank you. I agree the system should automatically log users out. I think it may do after a certain amount of time as I got a notification that I had timed out trying to get into the forum...

shine75 · ‎Dec-23-2021

This gets me so angry. I’ve complained SEVERAL times . It’s exactly the same response. They tell me how to turn it off …. Which is not at all the issue . I know how to turn the damned auto log in option off , they make me do it once a week . Every time they say they’ll escalate the complaint to their techs but it just keeps happening. I don’t understand how a business, who’s top objective is security , can blatantly disregard it in this fashion . It’s absolutely ridiculous

SomeUser567 · ‎Dec-23-2021

It doesn't matter what a business claims their "top objective" is, it's always to make as much money as possible. PayPal has made the calculation that they'll make more money by having people constantly logged in than they would by being more secure for their users. This is the same calculation they made when they let sellers slip in automatic payments on you. After every PayPal purchase you have to check your automatic payment settings to make sure PayPal didn't give the seller back door access to your money.

denniz1 · ‎Nov-05-2024

be careful what they done to me is my "Update next to Auto Logins" has disappeared altogether because i kept turning it off in "security" now i have to save an old email which still has the link

chaos215bar2 · ‎May-16-2022

This is absolutely insane, and customer support is clueless. I'll call and try to explain for the tenth time that this is a shared computer, and I never want PayPal to automatically allow anyone to do anything without a password, and all they'll say is that their automated system decided to trust my computer and that I can remove the trusted computer by signing into my account, which obviously completely misses the point.

I guess the only way to prevent PayPal from letting others use my payment information without my password and without my permission is to simply remove all the payment methods from my account and stop using PayPal.

EilaGoss · ‎May-16-2022

Totally agree. However I needed to log in to reply to your post! It lets me pay for stuff without logging in though... Also makes me prove I'm not a robot Ahhh

Drgnwyr · ‎Jun-30-2022

@EilaGoss That is because this community site is not “Paypal” per se and has better security than Paypal

PayPal Community

Major security flaw - the system keeps re-enabling auto login even after I keep turning it off

Haven't Found your Answer?