Dynadot refusing to unlock account, what are my options? ...

[tripflex]

Going to try and keep this short and sweet. I started a hosting company back in 2009, was just me and eventually grew in size. I ended up having to start hiring people and one of them that was with us for a short while I had setup an account with Dynadot to start catching auction domains.

Long story short, he left the company a month or so later, and now about 2 years later I go into the account to try and transfer one of the domains, and am unable to unlock the account.

Dynadot required birthday to unlock and if you don't have that you need the security question. I don't have the guys birthday and every attempt to contact him has failed.

Few things to note:

• All domains under account were purchase with MY business credit card with MY name on it
• The email on the account has been setup to forward to my email
• The address on the account is my company address
• The phone number on the account is company phone number

Contacted Dynadot multiple times and they basically refuse to unlock the account unless I get them a photo ID showing his name or provide the security question answer. I've asked them to just review the invoices and they will see it's my name on the credit card, asked to verify via sending a letter to address, or even call to verify, but they refuse to do any of that to verify the account.

So now i'm left with what options I have available to handle this. My first thought was just to get a lawyer involved, but that could end up costing a good chunk of change and I want to try and keep the cost down as much as possible.

The only other option I could think of was to let the domains expire and try and catch them in the Dyandot auction, or if the price ends up going crazy out of control in the auction, just renew the domain.

Does anybody have any suggestions or thoughts regarding this? I've exhausted every option I can think of to prove to them it's my account but have not gotten anywhere.

If I do let the domains go into auction and expire, say I end up not catching one of them because someone snipes the bidding and gets it .... technically I could still renew it, right? As long as it's within redemption period?

Thanks guys!!

 

[tripflex]

Thanks for everyone's response, and to answer your question DU, I did call numerous times but was never able to get a hold of anybody or when I did they just pawned me off saying "send an email here ..."

I did however finally get someone who was helpful and it actually ended up being on the weekend. I called and explained the situation, provided all my documentation and sure enough she was very helpful and reset the birthday for me! Profit!

So in the end I was able to get control of the account (even though we pretty much already had it) ... thanks for everyone's suggestions and input!

 

[Name Trader]

@Hyperslot - You do know you should never have your domains and hosting with the same company? That would cause you untold grief if you lost both your domains and your hosting. Most disputes seem to be with the hosting accounts (generally not about dynadot). So if you get in trouble with your hosting and they lock your account you lose both the your domains and hosting. Whereas if they are at separate companies and you get in trouble with your hosting, you can just sign up with a new host and carry on. Believe me. Wise words.

 

[forge]

Same thing has happened to me today. I will lose the two domains they now hold hostage, so be it.

Do not register domains with this company. Avoid Dynadot, do not give them any business.

I'd like to update this post, mainly to clarify that my response to my situation at that time may have been a little(?) rash.

I do still have a fair number of domains registered with Dynadot, and my experience with them, after this "rough patch", has been good and trouble free.

 

[mis_chiff]

Going to try and keep this short and sweet. I started a hosting company back in 2009, was just me and eventually grew in size. I ended up having to start hiring people and one of them that was with us for a short while I had setup an account with Dynadot to start catching auction domains.

Long story short, he left the company a month or so later, and now about 2 years later I go into the account to try and transfer one of the domains, and am unable to unlock the account.

Dynadot required birthday to unlock and if you don't have that you need the security question. I don't have the guys birthday and every attempt to contact him has failed.

Few things to note:

• All domains under account were purchase with MY business credit card with MY name on it
• The email on the account has been setup to forward to my email
• The address on the account is my company address
• The phone number on the account is company phone number

Contacted Dynadot multiple times and they basically refuse to unlock the account unless I get them a photo ID showing his name or provide the security question answer. I've asked them to just review the invoices and they will see it's my name on the credit card, asked to verify via sending a letter to address, or even call to verify, but they refuse to do any of that to verify the account.

So now i'm left with what options I have available to handle this. My first thought was just to get a lawyer involved, but that could end up costing a good chunk of change and I want to try and keep the cost down as much as possible.

The only other option I could think of was to let the domains expire and try and catch them in the Dyandot auction, or if the price ends up going crazy out of control in the auction, just renew the domain.

Does anybody have any suggestions or thoughts regarding this? I've exhausted every option I can think of to prove to them it's my account but have not gotten anywhere.

If I do let the domains go into auction and expire, say I end up not catching one of them because someone snipes the bidding and gets it .... technically I could still renew it, right? As long as it's within redemption period?

Thanks guys!!

If you hired him, did you not get his employee information?
If you set up the account, was it not you who created the security question?

While it is a pain in the ass, it is security we all depend on to prevent theft of our domains.
If by chance this was a disgruntled employee trying to gain access to your account,
you would be praising Dynadot Security system

they are reasonable, just got to find the right person to deal with - usually the Brass !

 

[gilescoley]

Dynadot are terrible, a few years ago I had my account locked because I tried logging in from computer in Indonesia

I emailed them numerous times telling them it was me , the owner of the account, that was trying to access the account and could they unlock it. I never thought I had set up a security question so didn't know it.

I told them all the other personal details of the account and all the domains in the account and they still wouldn't unlock it

Eventually, after weeks of emails, I told them to stick it up their $@#%##& and registered my names when they dropped, there weren't many but what a bunch of clowns over there

 

[Ralph2472]

Here's another option.
Assuming you know the guys name, and he lives in the U.S. you can easily get his details for a small fee.
Try Intelius.com
For $3.95 you can get his basic details including D.O.B. If you want more, it costs more; but you can get just about any information you want except medical records, and maybe his inside leg measurement.
I have no connection to Intelius other than having an account and using their services.
I hope this helps.

Regards

Ralph.

 

[forge]

I was googling around trying to help solve a similar problem when I found this thread. Glad to see the OP got his names back, and glad to see Dynadot tries to care about security, but the problem is far worse than described here as you can get your account permanently locked without warning if you don't realise the dangers at Dynadot.



You can submit the DOB three times. After a third failed attempt - you are not told there are only three allowed - you are asked to put in the secret security word set up when the account was created. If one - yes just one - attempt to input that fails for whatever reason, your account is locked and you are asked to send in a government photo ID, regardless of whether you have one or are allowed to send it, or are willing to take the risk of ID theft. You are told processing the ID can take 48 hours.

The lock, unlike most, does not expire - trying again later is futile, and Support does not help.

They do not warn you that loging attempts are limited and failure results in permanent locking. Login failure can be due to typos, interrupted internet connection, busy server, Dynadot malfunction, reversed date formats - in other words, not necessarily your fault, and yet you are treated like a criminal for wanting to access your own account.


This has happened to others as well:

....

This may need a whole warnings and alert thread - it seems to keep happening.

Same thing has happened to me today. I will lose the two domains they now hold hostage, so be it.

Do not register domains with this company. Avoid Dynadot, do not give them any business.

 

[Dynadot]

@Hypersot Thanks for tagging us & for being a Dynadot customer! It's not easy to get locked out of your account. Most customers have no problem locking or unlocking their account. The ones that do are typically either people who didn't set up their own account or people who put jibberish in for their secret question and answer.

Also, our system doesn't lock you out of your account. People who don't remember their secret question/answer are still able to access their account and manage their domain names. The account lock we're talking about here is an extra layer of security designed to keep your domains safe, so one thing you can't do if you can't unlock your account (or someone else trying to access your account can't unlock it) is transfer your domains away.

Hope that helps! Feel free to email us [email protected] if you have any more questions.

 

[Hypersot]

@Hypersot Thanks for tagging us & for being a Dynadot customer! It's not easy to get locked out of your account. Most customers have no problem locking or unlocking their account. The ones that do are typically either people who didn't set up their own account or people who put jibberish in for their secret question and answer.

Also, our system doesn't lock you out of your account. People who don't remember their secret question/answer are still able to access their account and manage their domain names. The account lock we're talking about here is an extra layer of security designed to keep your domains safe, so one thing you can't do if you can't unlock your account (or someone else trying to access your account can't unlock it) is transfer your domains away.

Hope that helps! Feel free to email us [email protected] if you have any more questions.

Excellent answer

thank you

 

[m-i-k-e]

• The email on the account has been setup to forward to my email

I just tried changing my password through the "forgot my password" option and it was simple. I entered my email address they sent me the password reset which included my username and I changed the password.

I'm now able to log in to the account with the new password and the username provided. If your email address gets the emails from Dynadot you should be able to change your password in seconds.

 

[m-i-k-e]

Aah I see what you mean now. Looks like you are only allowed to put in the wrong birthday 3 times or they lock that out.

Sorry, I can't help.

 

[Kate]

I think the most important thing is what the whois says.
If the whois says the domain holder is another person, then you need to demonstrate you actually are the rightful owner.

Basically, the registrars don't want to risk awarding domain names to a thief or a poser, and then be dragged in a lawsuit for negligence. Many partnerships go sour too...

This is why corporate domains should be listed in the name of the company, not an employee who could leave or even die in the future. Provided the account is not locked out yet, finding the DOB shouldn't be too hard.

 

[carob]

I was googling around trying to help solve a similar problem when I found this thread. Glad to see the OP got his names back, and glad to see Dynadot tries to care about security, but the problem is far worse than described here as you can get your account permanently locked without warning if you don't realise the dangers at Dynadot.

Dynadot required birthday to unlock and if you don't have that you need the security question.

You can submit the DOB three times. After a third failed attempt - you are not told there are only three allowed - you are asked to put in the secret security word set up when the account was created. If one - yes just one - attempt to input that fails for whatever reason, your account is locked and you are asked to send in a government photo ID, regardless of whether you have one or are allowed to send it, or are willing to take the risk of ID theft. You are told processing the ID can take 48 hours.

The lock, unlike most, does not expire - trying again later is futile, and Support does not help.

They do not warn you that loging attempts are limited and failure results in permanent locking. Login failure can be due to typos, interrupted internet connection, busy server, Dynadot malfunction, reversed date formats - in other words, not necessarily your fault, and yet you are treated like a criminal for wanting to access your own account.


This has happened to others as well:

https://www.namepros.com/threads/need-advice-dynadot-lock-out.729060/

This may need a whole warnings and alert thread - it seems to keep happening.

 

[bobbarato]

I'm a Dynadot fan and if sending in Gov ID will tip the scales, I'm fine with that. Beats paying for lawyers. There are those that think Dynadot is fly by night and there are those who think.

I am sympathetic to OP though and his initial attempts should have been enough the first time. What if OP said "Look / watch - I'm going to renew one of those domains right now. Still not good enough? I'll come back a week later and that charge will still be valid. Not fraud, no charge back."

 

[cdboard]

this thread reminded me that I should verify that I can unlock my account.

I did, and locked it again. I suggest everyone check to see if they can unlock.

 

[SamuelLDotson]

They do not warn you that loging attempts are limited and failure results in permanent locking. Login failure can be due to typos, interrupted internet connection, <snip> reversed date formats - in other words, not necessarily your fault, and yet you are treated like a criminal for wanting to access your own account.

Many people get locked out of their accounts (or lock their accounts). Many times for the reasons you've stated above. Some people get locked out many times in the course of their history with us. They simply email us and we remove the lock.

An account would not be secure if we allowed, for example, an unlimited number of sign in attempts or birthday attempts. I do not believe you are suggesting we do that, but it would seem that there does need to be some limit in order to prevent brute force attacks.

BUT with Dynadot using a company name could be fatal if this account lock happens, because then Dynadot will robotically demand a photo ID, even if someone does not have one, like this person:

We actually wouldn't do that.

this thread reminded me that I should verify that I can unlock my account.

I did, and locked it again. I suggest everyone check to see if they can unlock.

Everyone should do that.
Especially if it is a company account. They should also make sure all the particulars for an account are recorded somewhere.

 

[Name Trader]

@forge - What happened for them to lock you out of your account? I'm interested because they have been my preferred registrar for years. I have many domains there. I think their service is impeccable,

 

[DU]

I've been told by their support that ALL user accounts are locked down by default. So if by chance you enter an incorrect date of birth upon unlocking, after 2 or 3 attempts you are denied access. In order to 'reset' your stated DOB, you are then required to answer a "secret question". I don't recall even setting a "secret question" answer for my account in the first place. Mind you, I never had any password issues for accessing at least the "first level" of my account.

If one time you answer this question incorrectly, your account will be locked down permanently until you "send" Dynadot a photo of a government-issued ID.

Say what you will, but as far as I'm concerned this is nonsense. It's not even worth my time discussing further, but feel free to argue among yourselves.

For Those Who Might Want to Argue
The account lock is always the birth date. You could use a real one, a consistent fake one (how many NP members have Jan 1 birthdays!), or write it down.

It's like a password. It's important to have a record or use one you won't forget.

Secret Question
The secret question is YOUR OWN QUESTION and with YOUR OWN ANSWER.

Examples you can use:

Question: "It's a Color rhymes with foo and and a flower that rhymes with lows"
Answer: PurplooLilyoes

Question: "It's a fish but also a mammal"
Answer: "dolphin"

Question: "Two Plus Two is what?"
Answer: "dolphin"

Question: "What is a good word reversed"
Answer: "nihplod"

Question: "I'm not even going to ask a question because you know the answer (not purploolilyoes)?"
Answer: "dolphin"


One time entry seems harsh though. I think 2 goes or 3 would be ok. Or 1 per email soft reset.

 

[carob]

Most customers have no problem locking or unlocking their account.

Hi Dynadot thank you for your general reply. Now could you kindly answer the unanswered question that has been put to you here and elsewhere:

In many parts of the world there is no requirement to have a photo id of any kind and many people do not have one. So how do you unlock those accounts?

 

[forge]

Providing your driver's license could put you at risk of identity theft

http://www.consumerreports.org/cro/news/2013/12/drivers-license-identity-theft/index.htm

“It’s a terrible, terrible practice," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. "To begin with, it’s easily a contributor to identity theft, and it’s unnecessary.”

http://www.pcworld.com/article/136120/article.html

Information to Keep Private
Almost Never Provide Your...
Driver's license Though your state's Department of Motor Vehicles site may require you to enter this information, no other site should

 

[tripflex]

I just tried changing my password through the "forgot my password" option and it was simple. I entered my email address they sent me the password reset which included my username and I changed the password.

I'm now able to log in to the account with the new password and the username provided. If your email address gets the emails from Dynadot you should be able to change your password in seconds.

Unfortunately that's not the problem, I have complete access to the account, and never had to reset the password as that's something I made sure I had from him before he left. The problem is unlocking the account so I can transfer the domain. In order to transfer, change account name, address, or email, you must unlock the account. This is only something specific to Dynadot as other registrars don't require all of this, but for some reason they are playing hard ball with me about it. Even their TOS has some holes in it where I know legally we would be fine, but again that will cost money to get a lawyer involved and i'm not trying to spend that on a couple domains only worth 1-2k

 

[tripflex]

If you hired him, did you not get his employee information?
If you set up the account, was it not you who created the security question?

While it is a pain in the ass, it is security we all depend on to prevent theft of our domains.
If by chance this was a disgruntled employee trying to gain access to your account,
you would be praising Dynadot Security system

they are reasonable, just got to find the right person to deal with - usually the Brass !

Unfortunately no, this was when I first needed help with everything so it was sort of, help us out and i'll pay for your weekly motel stay, lunch, and pocket change ... def not the way we do things now, but that was when first got busy and needed to at least get someone on board until I could get the hiring process figured out.

I understand security and the reasoning behind it, I just feel at this point there is way more than enough to verify it is actually my account but they refuse to budge on it. I mean just the fact that my name is on the credit card for every transaction under that account should be enough. Disgruntled employee would not have nearly as much information as I have provided them in attempt to unlock the account.

 

[randian]

Even if you have the employee's birthday it may not be what was used. I never give websites my actual birthday, for example.

 

[Name Trader]

@tripflex - At Dynadot you cannot renew a domain for regfee after it is taken from your account on Day 40. At which point it has been thru the auction process and after 40 days you cannot renew any domain which has been won at auction by somebody else. Domains not won at auction you can renew by paying the Redemption Fee.