Domain
Find Your Domain
Purchase Domains
Domain Search
Transfer
IDNs Search
TLD Prices
Product
Websites
Email
SSL
Domain Tools
Domain Appraisal
Suggestion Tool
Security
Grace Deletion
API
Whois Lookup
Aftermarket
Manage Your Portfolio
Marketplace
Aftermarket Search
User Listings
Backorders
Expired Closeout
Auctions
Expired Auctions
User Auctions
Backorder Auctions
Last Chance Auctions
Registry Expired Auctions
Learn
Buying Domains
Selling Domains
Newsletter
Investing Guide
Support
Help Center
Chat : Online
Tickets
Feature Requests
Report Bugs
Contact Us
Request Account Manager
Resources
Blog
Help Files
Forum
Introduction to Domains
Copyright © 2002-2024 Dynadot LLC. All rights reserved.
Back
Domain
Find Your Domain
Purchase Domains
Products
Domain Tools
AfterMarket
Manage Your Portfolio
Marketplace
Auctions
Learn
Support
Help Center
Chat: Online
Resources
Are you sure you want to close the chat?Chat will be closed and the chat history will be cleared.
continue to sign out,
or stay on chat.
To review this chat session please click this windows.
Chat Online
Chat Online0
Support

Forum

A place for Dynadot and community experts alike to ask questions, share ideas, and more.
The nightnare of "Change your password" demand without notice
Posted By j_s_narre_warren_au
6/15/2022 20:15
Today, I had one of the greatest nigtmares of which can face anybody who uses the internet on a regular basis.

A demand by Dynadot, to change my password before I could do anything that I urgently needed to do.

Cant there be a warning, say, in the month ahead, "Time to change password by the end of the month", so I could be given the chance to change the password in a more relaxing way.

Being "put on the spot" like that, is, dangerous, in many different ways.

#1, I really dont have any email accounts outside Dynadot of which I use on any regular basis.  I cant tell you how lucky I am, that I do have such, and, almost a freak chance, I did remember the password I had for that???  See how this would have "blocked me forever from Dynadot"

#2, Being put on the spot to change the password like that, poses such serious problems when it comes to, my ability to select a suitable password to have, and for me to remember that password too, when I may not have paper or other recording means by my side at that moment.

#3, Furthermore,  What if I had to access an email or other urgently, and, I had only a limited opportunity for me to do that urgent task.  Being put on the spot like this, can destroy my opportunity to do what I needed to do, just for the time it takes to mess around with getting a  new password like this.   I could have lost domain names I forgot to renew, or buy new ones I needed for a business, or, important other needs.


I will also say, why would we need to change our password on a regular basis anyway?

Unless a hacker was looking over my shoulder, or my e-shoulder as I type in a password, or if they hack your database containing my password, then how are they going to guess my old password any better than my new one?

I have had fairly simple passwords for 20 years, including for banking and other matters.  I have never had a problem, unless you count myself being blocked because I cant remember what is my Password right now.  Mind you, I am never silly enough to use words like Pass or code etc.
Reply Quote
Posted By teamdynadot
6/23/2022 02:55
Thank you for your feedback. We apologize for this inconvenience, during our team's routine security checks they discovered irregular activity and to ensure all customers are protected we requested for you to reset your password before you could access your account. The security of your account is always a priority for us. It is actually why we have routine security checks in place. If there were difficulties with changing your password, our accounts team would certainly help you to access your account. If you have any other questions or concerns, please feel free to contact us via email, chat support or phone.

Thank you for your understanding.

Best regards,

Dynadot support team
Reply QuoteHide Replies
d_l_los_alamitos_us replied teamdynadot :7/20/2022 09:03
I want to reiterate and amplify the problems that were created with the blind notice at login time that the password must be immediately changed. This was a significant failure on Dynadot's part.

As soon as I saw that notice, my first thought was that I had landed on a phishing page. I immediately checked the URL, which comes from my *local* password locker. The URL was correct. I then checked the browser's certificate report, it was valid. I looked through all my email for any notice on the need to update my password--no such email was found but several others immediately before and after the effective date were found.  I then googled for 'dynadot immediate password change' and found this forum page on your site.

ONLY THEN did I proceed to change the password, which, IIRC, did require my external authentication token.

As was mentioned by the OP, an unexpected demand to immediately change a password at login time is /per se/ a security problem, which compounded any irregularities you found on your side.

Why weren't customers proactively emailed with a notice of the required PW change?
Why was it thought that a notice /during/ the login process was sufficient?
When will a report on the discovered irregularities be sent to customers? Such action is consistent with a secure and transparent organization?
Reply Quote
teamdynadot replied d_l_los_alamitos_us :8/4/2022 22:39
Thanks for your feedback. According to our findings, we need quick action, and the "Change Password" is the best way to protect all of our customers' accounts. We have communicated about the irregularity with the related accounts specifically. If you didn't receive any communication, then your account is well. An email communication had been sent out as soon as we can to explain it. We apologize this email isn't in the situation to be forecasted.
This "Change Password" has bothered all of our customers, but it is the only and best way for all our customers. We sincerely apologize for the issue and thank you for your involvement to update the password.
Reply Quote
Posted By r_e_ughelli_ng
8/19/2022 03:22
hello
Reply QuoteHide Replies
teamdynadot replied r_e_ughelli_ng :11/2/2022 08:40
Hello

Thank you for contacting Dynadot. We value your time and inputs. If you have any concerns or questions please specify in details and feel free to reach out to us via chat, email or phone from here.

https://www.dynadot.com/community/about/contact.html .

Best Regards,
Dynadot Support Team
Reply Quote
Domains
Domain Search
Transfer
IDNs Search
TLD Prices
Sales
Resellers
Websites
Email
SSL
Domain Suggestion Tool
Security
Grace Deletion
API
Whois Lookup
Payment Plan
Aftermarket
Aftermarket Search
Market Overview
User Listings
Backorders
Expired Auctions
User Auctions
Backorder Auctions
Last Chance Auctions
Expired Closeout
Support
Blog
Help Files
Forums
Buying Domains
Selling Domains
Newsletter
Prepay
Payment Options
Report Abuse
Dynadot
About
Contact
Events
Site Map
APP
Refer-a-friend
Affiliate
Auction Affiliate
Download the app:
Copyright © 2002-2024 Dynadot Inc. All rights reserved.
          
Domains
Domain Search
Transfer
IDNs Search
TLD Prices
Sales
Resellers
Websites
Email
SSL
Domain Suggestion Tool
Security
Grace Deletion
API
Whois Lookup
Payment Plan
Dynadot
About
Contact
Events
Site Map
APP
Refer-a-friend
Affiliate
Auction Affiliate
Aftermarket
Aftermarket Search
Market Overview
User Listings
Backorders
Expired Auctions
User Auctions
Backorder Auctions
Last Chance Auctions
Expired Closeout
Support
Blog
Help Files
Forums
Buying Domains
Selling Domains
Newsletter
Prepay
Payment Options
Report Abuse
Download the app:
Copyright © 2002-2024 Dynadot Inc. All rights reserved.