Hey, Paypal, Just logged in today to change my password after the revalations about Heartbleed, and was astounded that you didn't preemptively force a password reset. For those reading this who don't know, Heartbleed is a vulnerability in, basically, the underpinnings of secure Web traffic (the OpenSSL implementation of the TLS/SSL protocol), which makes it possible for hackers to potentially get your passwords right out of a server's RAM. It is prudent, with the revalation, to change all your passwords soon - especially those protecting sensitive data like card numbers.
... View more