Made an account about 10 years ago with email address x, mobile telephone number y, bank debit card z with some security questions thrown in.
I cannot remember my password from 10 years ago so I need to reset it.
If I try to reset it, they want to send me an sms otp to the mobile number from 10 years ago which I no longer have. Obviously I cannot update the mobile number if I cannot log in.
Another option they give me is to enter some portion of the debit card number that was linked to the account. I no longer have that account from that specific bank, nor have the old cards laying around.
Another thing they offered was for me to fill out the answers to the security questions, but I absolutely hate these and always fill in random characters by mashing my keyboard, so no go here.
In their help guide they say you can contact support if you cannot log in at all, but you have to log a support ticket.... which requires me to log in. Last time I gave up after 30 minutes of poking around their site to try and find a way to speak/email a human that can help me get back into the account, since almost every path leads back to the login screen which wants my debit card number from 10 years ago.
So I've started ignoring paypal now. All their emails that I still get goes in the trash and I will never use them again. Keep in mind this was a business account linked to a business bank debit card (it was the only way back then to link to an account in my country, and only one bank offered the integration, since then things have become much more reasonable (cheaper business credit cards = international ease)).
I'm fully willing (well not anymore) to send them a copy of my national id card to unlock my account while we speak on the phone, but they seem to have no path to support their clients unless logged in. Maybe its been fixed by now but I no longer care about it enough. If you build systems with an auth mechanism, please cater to all the unhappy paths your clients might fall into. I'm not one of those people who will go scream on twitter to get help, I just silently walk away and you lose a client. It's that simple. I'm not expecting them to treat me like a king, I just wanted to log into their site, that's all.
> Another thing they offered was for me to fill out the answers to the security questions, but I absolutely hate these and always fill in random characters by mashing my keyboard, so no go here.
This should go as a cautionary tale to always use a password manager. I, too, hate insecurity questions. But instead of mashing keys, I generate unique passwords for them and use the question as a username. Then save them in there as well.
I do now, I have hundreds of logins stored as of today.. but back then, password managers were not as user friendly as they are today, and the ones that were, did not have sync/online storage, thus I have no credentials stored for paypal. I think my credentail store has items from about 2015 and newer. I remember those days where I had a text file with passwords that I would then encrypt as a zip file with the strongest encryption that the zip tool allowed.
On principle I will not ever supply Security Questions with real answers, they are rubbish. Most of them you have to answer exactly correctly (spelling/casing), so you are biased to use simple one word answers that any of you family members or close friends can guess.
I prefer 2FA, but back then offline 2FA wasn't that big of a thing and most sites only supported 2FA via an sms otp, if they even supported it (aka justified the financial costs).
> In their help guide they say you can contact support if you cannot log in at all, but you have to log a support ticket.... which requires me to log in.
I've been burned by that logic at several companies. It's really infuriating. I've even had one where they had a phone number to call for support, but the phone number was locked away behind a support login screen.
My friend dropped her phone in the Uber vehicle about 1.5 years ago, so we phoned Uber support whom insisted that we log into their website to log a support ticket... BUT, in order to log into their site, you have to enter the otp sent via sms.. to the phone that is in the car. Took the support lady a few attempts to understand that we cannot log in.
We rand her phone twice, within 10 minutes of realising the phone is missing. First time it rang, second time he switched the phone off.
Eventually we managed to talk to the driver, but he insisted that there was no phone in his car. We never got the phone back. When we asked Uber support again what can we do, they rambled stuff about drivers being Independent Contractors etc. I personally haven't used Uber since that day. She still uses Uber.
We couldn't track her phone because it took 6 days to do a sim swap, again, needing to receive an otp from Google to login to track the phone, but by then it was off.
I used Uber Eats earlier this year and an order took 2 hours (it was obvious the guy is using more than one delivery app), same story from Uber support. Haven't used it since.
How do you know that the next passenger didn't get your phone? You cannot assume it was the Uber driver. It could even be that you dropped it in the street while getting off the Uber.
I had a similar problem. I have paypal accounts in 3 countries. One my home country. Since I haven't lived in my home country for 10 years, I never use the account. However, some day I got an email asking me to login and do something, so I went to PayPal.com and logged in using my password manager (Bitwarden). But then they thought it was suspicious that I was logging from another country and they wanted to send me an SMS to my old phone, which I no longer have. In the end, I let the account die.
Made an account about 10 years ago with email address x, mobile telephone number y, bank debit card z with some security questions thrown in.
I cannot remember my password from 10 years ago so I need to reset it.
If I try to reset it, they want to send me an sms otp to the mobile number from 10 years ago which I no longer have. Obviously I cannot update the mobile number if I cannot log in.
Another option they give me is to enter some portion of the debit card number that was linked to the account. I no longer have that account from that specific bank, nor have the old cards laying around.
Another thing they offered was for me to fill out the answers to the security questions, but I absolutely hate these and always fill in random characters by mashing my keyboard, so no go here.
In their help guide they say you can contact support if you cannot log in at all, but you have to log a support ticket.... which requires me to log in. Last time I gave up after 30 minutes of poking around their site to try and find a way to speak/email a human that can help me get back into the account, since almost every path leads back to the login screen which wants my debit card number from 10 years ago.
So I've started ignoring paypal now. All their emails that I still get goes in the trash and I will never use them again. Keep in mind this was a business account linked to a business bank debit card (it was the only way back then to link to an account in my country, and only one bank offered the integration, since then things have become much more reasonable (cheaper business credit cards = international ease)).
I'm fully willing (well not anymore) to send them a copy of my national id card to unlock my account while we speak on the phone, but they seem to have no path to support their clients unless logged in. Maybe its been fixed by now but I no longer care about it enough. If you build systems with an auth mechanism, please cater to all the unhappy paths your clients might fall into. I'm not one of those people who will go scream on twitter to get help, I just silently walk away and you lose a client. It's that simple. I'm not expecting them to treat me like a king, I just wanted to log into their site, that's all.