A security researcher has found a simple way round one of the systems Paypal uses to protect users' accounts. Deleting a few characters in the data which web browsers send to Paypal let Henry Hoggard bypass Paypal's two-factor authentication scheme. This system is supposed to make accounts more secure by using extra methods to confirm someone's identity. Paypal said it patched the bug days after it was reported.