- Impact
- 959
I'm hoping that this post serves to vouch for how two factor authentication on your domain accounts can protect your account and keep your investments secure.
-
The true story:
The night before I got a strange email from a Chinese company asking if I would permit a company in China to operate under the company name "Frostify" which as you may recognize is and has been my username on NamePros (as well as Flippa, Pheenix, and other domaining related sites). As I am the owner of Frostify.com (which is available to anyone on BB had this company wanted to rightfully buy it) and have used it as my username/"brand" for about 5 years, I told them they cannot have it unless they were willing to buy the rights along with the .COM on BB.
Now keep in mind this email (which I read from my @yahoo.com account on Yahoo.com itself through the web browser on chrome with a Mac Mini that I keep up to date and basically malware/virus free) had no file attachments or downloads or anything like that.
No response from Chinese company, I go to sleep.
So I was awaken at 8AM before my commute to work when my phone went off with a text message. I thought maybe it was a friend or family wanting to chat but this message came from GoDaddy and said "Your 2-Step Verification Code is: 123456" (obviously not the actual code). The only time I receive this message is after a successful username/password attempt on my GoDaddy account and then the final step would be to enter this code. LUCKILY the two factor auth is the ONLY thing that stopped a potential hacker from getting into the account (which has Frostify.com assigned to it as well as many other investment domains and even personal names such as *firstname*.xyz and *firstlastname*.com and domains of website projects I have.) I would honestly say it would be much worse for me financially to have my GoDaddy account hacked then it would be to have my bank acc hacked. (it's harder to recover from a domain hack, I also have more in "savings" with domains than I do in USD).
I have no proof that it was the company from the email the night before that had attempted to hack my account but it is possible. I don't mean to wrongfully accuse them as I have no proof. This is speculation on my part.
I immediately contacted GoDaddy and they were able to confirm that 2 factor stopped them and then urged me to change my pass which I immediately did.
I still have no clue as to how they got my password as it was a password I only used on GoDaddy and it was very secure with symbols, upper case, lower case, and numbers. That part still concerns me.
Now I'm not going to lie, two factor auth is very annoying at times, especially when you just need to make a quick change or check on something you need to wait for them to text you a pin and enter it and all that but it's worth it!
Moral of the story, please enable 2 factor auth on your domain accounts to keep it secure, by having it I totally avoided a nightmare situation where I would have stood to loose my NP username .COM, my personal name .COM, multiple LLLL.com's, One Word Dictionary .com's, and more.
TL;DR: A company *may have* tried to hack into my GoDaddy account, 2 factor auth saved me, everything was fine all due to 2 factor, go now and enable 2 factor.
Edits: disclaimers regarding potential source of the attack.
-
The true story:
The night before I got a strange email from a Chinese company asking if I would permit a company in China to operate under the company name "Frostify" which as you may recognize is and has been my username on NamePros (as well as Flippa, Pheenix, and other domaining related sites). As I am the owner of Frostify.com (which is available to anyone on BB had this company wanted to rightfully buy it) and have used it as my username/"brand" for about 5 years, I told them they cannot have it unless they were willing to buy the rights along with the .COM on BB.
Now keep in mind this email (which I read from my @yahoo.com account on Yahoo.com itself through the web browser on chrome with a Mac Mini that I keep up to date and basically malware/virus free) had no file attachments or downloads or anything like that.
No response from Chinese company, I go to sleep.
So I was awaken at 8AM before my commute to work when my phone went off with a text message. I thought maybe it was a friend or family wanting to chat but this message came from GoDaddy and said "Your 2-Step Verification Code is: 123456" (obviously not the actual code). The only time I receive this message is after a successful username/password attempt on my GoDaddy account and then the final step would be to enter this code. LUCKILY the two factor auth is the ONLY thing that stopped a potential hacker from getting into the account (which has Frostify.com assigned to it as well as many other investment domains and even personal names such as *firstname*.xyz and *firstlastname*.com and domains of website projects I have.) I would honestly say it would be much worse for me financially to have my GoDaddy account hacked then it would be to have my bank acc hacked. (it's harder to recover from a domain hack, I also have more in "savings" with domains than I do in USD).
I have no proof that it was the company from the email the night before that had attempted to hack my account but it is possible. I don't mean to wrongfully accuse them as I have no proof. This is speculation on my part.
I immediately contacted GoDaddy and they were able to confirm that 2 factor stopped them and then urged me to change my pass which I immediately did.
I still have no clue as to how they got my password as it was a password I only used on GoDaddy and it was very secure with symbols, upper case, lower case, and numbers. That part still concerns me.
Now I'm not going to lie, two factor auth is very annoying at times, especially when you just need to make a quick change or check on something you need to wait for them to text you a pin and enter it and all that but it's worth it!
Moral of the story, please enable 2 factor auth on your domain accounts to keep it secure, by having it I totally avoided a nightmare situation where I would have stood to loose my NP username .COM, my personal name .COM, multiple LLLL.com's, One Word Dictionary .com's, and more.
TL;DR: A company *may have* tried to hack into my GoDaddy account, 2 factor auth saved me, everything was fine all due to 2 factor, go now and enable 2 factor.
Edits: disclaimers regarding potential source of the attack.
Last edited:
