Hello. I wanted to join this thread as our process for recovering account with lost passwords has been called into question. I am not sure what account
@DreamZ55 is referring to, but I would invite you to PM us here, or, better yet, please email
[email protected]. We have a process to get back into accounts even when the password AND the answer to the security question are not known. Of course, in such circumstances, extra validation is required as not knowing your password and not knowing the answer to your security question raise flags about identity and trying to gain improper access to an account. We therefore, require completion of the process described here:
https://www.namesilo.com/Support/Password-Retrieval. Once that process is completed, we then send a reset link to the email address on file for the account holder. We have had this same process in place since the inception of our company over 7 years ago, and I am personally not aware of any time in which an account holder could not regain access to their account. We do not treat email as a lone secure method of proof of identity as email addresses can be hacked, and in many cases hacked email addresses are used to gain improper account access. This is why we have an extra step to prove identity other than simply sending an email out to the account holder when the password AND the answer to the account security question are not known. If we did so, anybody who hacked an email account could contact us and get a reset link to the account. We are currently working on integrating SMS as another option for account retrieval as well.
We take account/domain security VERY seriously. It is at least a weekly occurrence in which we are contacted by scammers looking to gain access to accounts/domains trying many different methods to get into accounts that are not theirs. Things like social engineering, threats of lawsuits, DDoS attacks, contacting our legal representatives, forging court orders, etc. are just a few of the ways in which scammers attempt to gain access to accounts. We therefore keep a strict policy on following our procedures to the letter and do not deviate. It is these procedures and polices that are a few of the biggest reasons that you won't read anywhere about our systems or customer service allowing improper access to accounts and our customers losing their domains (this is certainly unfortunately not the case with many other registrars).
When things like passwords and the answer to the security question are not known, or access to the email address on file with us is not available, we feel extra validation steps are both prudent and required. As noted above, we have a documented process for retrieving accounts even in that situation.
Many people on this thread and others throughout NamePros have used us for a long time, and I would imagine this is the first anybody has heard about such an issue, as it is the first time I am personally aware of it as well. I again invite
@DreamZ55 to contact us directly so that we can review what occurred since what has been described is certainly quite abnormal and we would like an opportunity to research to see what happened. Thanks