Support

Forum

A place for Dynadot and community experts alike to ask questions, share ideas, and more.
The nightnare of "Change your password" demand without notice
Today, I had one of the greatest nigtmares of which can face anybody who uses the internet on a regular basis. A demand by Dynadot, to change my password before I could do anything that I urgently needed to do. Cant there be a warning, say, in the month ahead, "Time to change password by the end of the month", so I could be given the chance to change the password in a more relaxing way. Being "put on the spot" like that, is, dangerous, in many different ways. #1, I really dont have any email accounts outside Dynadot of which I use on any regular basis. I cant tell you how lucky I am, that I do have such, and, almost a freak chance, I did remember the password I had for that??? See how this would have "blocked me forever from Dynadot" #2, Being put on the spot to change the password like that, poses such serious problems when it comes to, my ability to select a suitable password to have, and for me to remember that password too, when I may not have paper or other recording means by my side at that moment. #3, Furthermore, What if I had to access an email or other urgently, and, I had only a limited opportunity for me to do that urgent task. Being put on the spot like this, can destroy my opportunity to do what I needed to do, just for the time it takes to mess around with getting a new password like this. I could have lost domain names I forgot to renew, or buy new ones I needed for a business, or, important other needs. I will also say, why would we need to change our password on a regular basis anyway? Unless a hacker was looking over my shoulder, or my e-shoulder as I type in a password, or if they hack your database containing my password, then how are they going to guess my old password any better than my new one? I have had fairly simple passwords for 20 years, including for banking and other matters. I have never had a problem, unless you count myself being blocked because I cant remember what is my Password right now. Mind you, I am never silly enough to use words like Pass or code etc.
replied j_s_narre_warren_au
Thank you for your feedback. We apologize for this inconvenience, during our team's routine security checks they discovered irregular activity and to ensure all customers are protected we requested for you to reset your password before you could access your account. The security of your account is always a priority for us. It is actually why we have routine security checks in place. If there were difficulties with changing your password, our accounts team would certainly help you to access your account. If you have any other questions or concerns, please feel free to contact us via email, chat support or phone. Thank you for your understanding. Best regards, Dynadot support team
Reply Quote
2 Replies
replied
I want to reiterate and amplify the problems that were created with the blind notice at login time that the password must be immediately changed. This was a significant failure on Dynadot's part. As soon as I saw that notice, my first thought was that I had landed on a phishing page. I immediately checked the URL, which comes from my *local* password locker. The URL was correct. I then checked the browser's certificate report, it was valid. I looked through all my email for any notice on the need to update my password--no such email was found but several others immediately before and after the effective date were found. I then googled for 'dynadot immediate password change' and found this forum page on your site. ONLY THEN did I proceed to change the password, which, IIRC, did require my external authentication token. As was mentioned by the OP, an unexpected demand to immediately change a password at login time is /per se/ a security problem, which compounded any irregularities you found on your side. Why weren't customers proactively emailed with a notice of the required PW change? Why was it thought that a notice /during/ the login process was sufficient? When will a report on the discovered irregularities be sent to customers? Such action is consistent with a secure and transparent organization?
Reply Quote
0 Replies
replied
Thanks for your feedback. According to our findings, we need quick action, and the "Change Password" is the best way to protect all of our customers' accounts. We have communicated about the irregularity with the related accounts specifically. If you didn't receive any communication, then your account is well. An email communication had been sent out as soon as we can to explain it. We apologize this email isn't in the situation to be forecasted. This "Change Password" has bothered all of our customers, but it is the only and best way for all our customers. We sincerely apologize for the issue and thank you for your involvement to update the password.
Reply Quote
0 Replies
replied j_s_narre_warren_au
hello
Reply Quote
1 Replies
replied
Hello Thank you for contacting Dynadot. We value your time and inputs. If you have any concerns or questions please specify in details and feel free to reach out to us via chat, email or phone from here. https://www.dynadot.com/community/about/contact.html . Best Regards, Dynadot Support Team
Reply Quote
0 Replies