I just came across a situation regarding change of passwords for my Peerspace account and I thought I would share.
I personally manage several spaces and I have a small team of people working with me. My team has, of course, access to all spaces-related passwords. I’m a little bit concerned how easily the password can be changed without any type of security process to make sure the owner of the account is really the person requesting the password change.
I think it would be great to create a system so only the owner of the account can really change the password and we avoid any potential surprises or identity theft.
Good question. We designed Peerspace to be used as a peer to peer system where only one person owns or maintains access to an account at a time. Over time, we’ve seen that some hosts allow access to multiple people for administrative purposes. We’re definitely thinking about ways to make managing accounts and spaces easier for hosts who operate multiple spaces or employ teams to assist with their hosting. In the meantime, I think the suggestion @Eli_P mentions would be a great solution for those who are worried about the integrity of their account when they choose to share access with others. Please be careful if you choose to let multiple people use your account.
We still have a lot of problems related to this and I was wondering if any progress has been done in this respect.
We are growing our teams and now, to be able to achieve what we want to accomplish, we need to hire new people and we don’t see that even using Lastpass, our account can be fully protected.
You are right, Lastpass is not able to protect you if your employee wants to “cancel” your account.
I would give them access to the email and have them reach out to your clients that way.
Hi Eduard, We met on Wednesday at your space! I have the same concerns about security on this platform. It is not safe at all and there is no two way authentication which should be mandatory if any payment system is handled via any platform. I have never shared my Peerspace account with anybody but somebody hacked my Peerspace account and changed the bank account information without my knowledge and redirected over $5,500 into a strange bank account just last month. When I realized what happened because I was waiting for the payments, Peerspace was only able to recover some part of the payments and they still owe me $3300. Just be able to monitor your payment is not safety enough. I really hope they changes this very soon and add the 2 way authentication so it becomes a lot more difficult to change your password by a hacker. The problem is not just that somebody could know your Peerspace password, the real problem is that as long as somebody has access to your emails they don’t need your password, they can just change it by clicking on “forgot password” whenever they want and that also means that they can redirect your payments to a different bank account and you don’t even know about it. That is really unacceptable. The way I see it, the money was not stolen from me because I never received it in the first place, it was stolen from Peerspace on their system before it got to me. I’m very concerned if this becomes public knowledge that the Peerspace system is so easy to hack that all hosts will be targets to hackers very quickly. So Peerspace team, you guys build an amazing platform and I love working with you guys but please do your homework and make this system safe and integrate 2 way authentication and you have the best unbeatable creative space rental platform system out there.
Sorry to hear about your troubles!
I would use a VERY long lengthy password which only you can remember and do not use the password for anything else. I also change my password every couple months.
Thanks Eli, You mean the email password or the Peerspace password? The problem is really that Peerspace has not 2 way authentication for critical information like the bank info. This is standard with most companies now and I think they need to do this ASAP or many other host will be in trouble soon because Peerspace thinks it is my fault that the money is gone even I never received the money in the first place. And by the way I was informed that $4,300 where actually stolen from me and not only that, Peerspace still took the $1000 commision fees as well from me and the renter and I get nothing. Does that sound fair? The only thing they offer me is to not charge the fee for the next 7 bookings which could be as little at $420 and wouldn’t be even 10% of the damage and they still made their full 100% profit of $1000 in fees from this damage. This is not right!
Both your email and Peerspace password, I understand the frustration. Email Peerspace to add it to their list of addons.
About your fees the best thing to do is to handle it directly with Peerspace themselves. Fees is nothing the community can help with.
Good luck!
This is quite alarming. Hacking and spoofing and all of it are on the rise, and now they are hacking phone numbers so they can intercept the 2-way authentication codes, meaning we will have to get additional security in place.
Naturally I don’t know any details about this specific case beyond what I have read above, but it is distressing that this has happened, and it does not sound like much of a resolution for the host. I would like to see Peerspace show some leadership in prioritizing additional security, and taking responsibility in getting the host paid.