12-28-2020 11:22 AM
For a while now, I've been randomly getting issues logging in -- the recaptcha that it shows (it seems to randomly choose to display it either before or after asking me for my username and password) just loops -- I solve the stupid puzzle, it refreshes the page and offers a new one.
Sometimes on giving up and coming back the next day, it works. Sometimes not.
But today I tried to get in to print the label for something that sold; I don't want to put that off a day or few for EBay to get its (re)**bleep**(tcha) sorted out again. I have: exited and restarted my browser; exited my browser and cleared cache and cookies; rebooted my PC, router, gateway, firewall; updated my browser; all the usual garbage that solves every problem about zero percent of the time. The final go-to answer is to install Google's spyware (Chrome) and use that for everything; no thanks.
I finally got in today by getting EBay to call me and the person on the other end reset my password. I could log in using the password reset email. I've had to do this a few times in the last few months. No, I'm not forgetting my password; it complains about that without the recaptcha loop (assuming it demands the recaptcha afterward) and today's battle was demanding the recaptcha before it even asked for my username.
Suggestions other than moving to Chrome, would be appreciated, if there are any.
I'm sick of proving I'm not a robot to some artificial idiocy based robot. I regularly fail Google's Turing tests that help them train their self-driving cars (I either solve them too quickly, too slowly, too perfectly, or not perfectly enough -- my personal record is over an hour spent with Google's recaptcha2 to get into an account I closed during that session), and the geetest one seemed okay until EBay started adding other junk around it.
I just pulled all my sales. I'll deal with them somewhere else. When I can log into EBay successfully without a fight, without needing to get EBay to phone me so I can ask them to reset my password (seems this is the only backdoor that has worked for me lately), and without other artificial idiocy forced upon me, and it stays that way for a few months, I might consider selling here again, depending upon how adversely they have changed their terms in the meantime (recent changes have been quite disconcerting).
Solved! Go to Best Answer
12-28-2020 11:57 AM
Suggestions other than moving to Chrome, would be appreciated, if there are any.
You do not say which browser you are using, but there are many options available aside from Chrome if your current browser is not working with eBay. Sometimes trying another browser will let you to finish what you are doing and allow you to figure out if there are settings in your original browser that can be changed to allow it to work with eBay again.
In some cases, trying a private or incognito browser window may be enough to bypass some problems related to cookies, cache or profile.
If you are using Firefox, try disabling Enhanced Tracking Protection on eBay using the shield icon that appears to the left of the page address.
In some cases, ad blocking can cause sign in issues; disabling your ad blocker on the sign-in page may help.
Some other general suggestions for dealing with sign in and verification problems, including using alternative sign-in links can be found here:
I'm sick of proving I'm not a robot to some artificial idiocy based robot.
As much as you hate proving you are not a robot, I guarantee that hackers that want to use automated tools to try to crack accounts hate them more. If you have ever had an account taken over by a hacker, or been involved in a transaction with a hijacked account, you know how much trouble that can cause. And if you have not had that experience, you can thank Captcha and similar tests for that, at least in part.
12-28-2020 11:57 AM
Suggestions other than moving to Chrome, would be appreciated, if there are any.
You do not say which browser you are using, but there are many options available aside from Chrome if your current browser is not working with eBay. Sometimes trying another browser will let you to finish what you are doing and allow you to figure out if there are settings in your original browser that can be changed to allow it to work with eBay again.
In some cases, trying a private or incognito browser window may be enough to bypass some problems related to cookies, cache or profile.
If you are using Firefox, try disabling Enhanced Tracking Protection on eBay using the shield icon that appears to the left of the page address.
In some cases, ad blocking can cause sign in issues; disabling your ad blocker on the sign-in page may help.
Some other general suggestions for dealing with sign in and verification problems, including using alternative sign-in links can be found here:
I'm sick of proving I'm not a robot to some artificial idiocy based robot.
As much as you hate proving you are not a robot, I guarantee that hackers that want to use automated tools to try to crack accounts hate them more. If you have ever had an account taken over by a hacker, or been involved in a transaction with a hijacked account, you know how much trouble that can cause. And if you have not had that experience, you can thank Captcha and similar tests for that, at least in part.
12-28-2020 12:56 PM
I'm guessing you're using Firefox. Had that problem for months, so, on my personal computer using Firefox, I just never log out of eBay. Just close the windows and shut down at night. No one else can access my PC, so no problem. On my phone I just stay logged in to.
12-29-2020 12:21 PM
I have chrome and the app, same problem!
12-30-2020 04:02 PM
Well, it still doesn't let me in without awkward measures today.
Thank you for the suggestion of using 'anonymous' mode; at least that seems to work today. I have had another site ban that too (and their answer was also use Chrome -- until they banned Chrome for a while due to a security hole a short time later, then they just said to wait for their web people to get it sorted out or for the version of Chrome that Google had promised would fix the hole for which they banned it), so I'm not holding much hope it will continue to work for very long.
I loathe it not just on principle of having to pass some stupid Turing test (that by the time I see it the first time already has services online to defeat it!), but also on the grounds that it seems like another security sham -- like using Unm3Merab! p@5swerdZ (I dropped the 'e' from the end of 'unmemerable' because most systems limit you to 10 characters) that are restricted to a few characters (so easy to brute-force) instead of a reasonably long passphrase (say up to 128 characters) that could be remembered by the users without writing it down somewhere (and would be a lot harder to brute-force).
I don't feel better having my login information and all this tracing of me through third parties. It just seems lazy to me to deal with it this way, and leaves too much exposed.
I have for years hosted things for friends or business acquaintances. I log all bad attempts to login into what few services I have visible to the outside, and have a daemon that monitors the log. If an IP address makes a number of failed attempts to authenticate, it's blacklisted -- all further traffic from it is dropped summarily for a period of time (and inbound traffic during the blacklist interval restarts the interval and adds more time). My services don't need to keep track of this (so for example I can have a usual dumb webserver that can't keep track of a client even any longer than a single TCP session is open), I don't have to share login credentials or demand tracking from anybody using my stuff, and due to other minor configuration settings (such as restricting new sessions per IP address to some number per second), even though the blacklisting is handled by an additional program, the response time is usually quick enough to only allow a small handful of connections before a response can be committed to the firewall. Oh, and I'm on a gigabit connection from one ISP and 50mb as a backup from another, with static IP addresses on both. While I'm sure I'm still susceptible to DDOS or similar, I have yet to come up with a way of handling that short of intimate cooperation with an upstream ISP, and nobody is willing to do that, at least for the amount I'm willing to pay for connectivity (and maybe not at all these days).
In 20+ years with full-time online dedicated systems and static outside IP addresses, I have not had a successful intrusion, but I have had millions of attempts (some systems do try to have hundreds of connections open, but restricting that at the firewall level to a reasonable number per second per IPA is easy -- and modern webservers/webclients don't suffer since they can pipeline requests on a single TCP session). So I do have some sympathy for the problem; just not for the captcha based 'solution' (or any third-party solution I have seen implemented to date).
I have also had my login credentials for multiple services get out onto the 'dark web' (not by me). In most of these cases, I consider it incompetence by the people who were hosting the service (and since I use different passwords everywhere, the damage to me is limited). But I do lose faith in such services when I find my information 'out there'. In at least a couple cases, the services that 'leaked' my credentials for themselves were also 'protected' by some 'recaptcha' like junk and they still were cracked.
There are places for such things as recaptcha, however. One place I would say I think things like recaptcha might be a good idea is on a public forum -- asking for one to be solved before allowing a 'guest' user to post (or if you allow users to 'stay logged in' and don't ask them to reauthenticate when their IP address changes for example, but that's just being annoying to those of us who do not 'stay logged in', in order to support laziness of those who do use such things).
12-30-2020 04:20 PM
close all extensions from chrome and login
12-30-2020 05:02 PM
I loathe it not just on principle of having to pass some stupid Turing test
No one likes that, but the hackers and script kiddies hate it much more than you do -- and that is who it is designed to thwart.
Blacklisting IP addresses is an excellent technique for many cases -- and one which eBay also employs, much to the dismay of folks that get blocked by Akamai for one reason or another -- but that won't stop a distributed attack.
And neither of those defenses work against phishing.
Internet security is an endless cat and mouse game, with browser outfits, major sites, third-party software developers and ISPs taking turns pulling the rug out from under everyone else by changing the rules on the fly.
Users have to roll with the punches and realize that the more they customize their security setup, the more likely some minor change implemented by someone far away will cause a problem, unfortunately.
Glad you were able to find something useful in my little collection of tricks -- most of which were gleaned from other users posting on the discussion boards when things stopped working for one reason or another.
10-11-2022 10:53 AM