- Impact
- 1,488
Really confused, but details starting to emerge.
Account Security as of 2-27-18
1. GoDaddy account was 2FA protected, but turned out it was only for "high-value" transfers? Don't remember doing that, but it's on me.
2. I had a 12 character random pass generated by LastPass; I already changed it quickly but from a glance I don't think it had special characters etc. Also on me; I usually use very long, secure passwords. So they brute force the GD account? GD doesn't have a way to prevent this. I don't get this.
It's not like me as I deal in crypto (lord have mercy) and I am hyper secure most of the time, I somehow overlooked these details with this particular account, but I'm kicking myself. However, I don't feel the GD response is really making me feel like shit is under control.
Domain Transferred Without Warning
Received (3) emails regarding transfer of VRCU.com out of my account to another registrar. ZERO emails prior to this warning me anything was amiss. Domain did not expire until 3-25-2019 but is now reg'd out to 2022.
GoDaddy support states it was initiated in my account and transferred to another GD user? Not clear...
Support Action
They said they cannon lock my account as I requested. I can't believe they did not transfer out other domains. I am very worried, and express my concern to support. They said thge Fraud dept. will be notified, and they sent me a "Disputing a Domain Name Transfer" web form
I am surprised no one can simply check IP records and see who logged in prior to today
@Joe Styler
Account Security as of 2-27-18
1. GoDaddy account was 2FA protected, but turned out it was only for "high-value" transfers? Don't remember doing that, but it's on me.
2. I had a 12 character random pass generated by LastPass; I already changed it quickly but from a glance I don't think it had special characters etc. Also on me; I usually use very long, secure passwords. So they brute force the GD account? GD doesn't have a way to prevent this. I don't get this.
It's not like me as I deal in crypto (lord have mercy) and I am hyper secure most of the time, I somehow overlooked these details with this particular account, but I'm kicking myself. However, I don't feel the GD response is really making me feel like shit is under control.
Domain Transferred Without Warning
Received (3) emails regarding transfer of VRCU.com out of my account to another registrar. ZERO emails prior to this warning me anything was amiss. Domain did not expire until 3-25-2019 but is now reg'd out to 2022.
GoDaddy support states it was initiated in my account and transferred to another GD user? Not clear...
Support Action
They said they cannon lock my account as I requested. I can't believe they did not transfer out other domains. I am very worried, and express my concern to support. They said thge Fraud dept. will be notified, and they sent me a "Disputing a Domain Name Transfer" web form
I am surprised no one can simply check IP records and see who logged in prior to today
@Joe Styler
Last edited: