homepage Welcome to WebmasterWorld Guest from 23.21.9.44
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Domain Names
Forum Library, Charter, Moderators: buckworks & webwork

Domain Names Forum

    
Moniker invokes system-wide pwd reset
suspicious activity
lorax




msg:4586066
 12:40 pm on Jun 20, 2013 (gmt 0)

In an email from Moniker this am, the company noted they discovered suspicious activity. They believe everything to be safe but to be sure have invoked a system-wide pwd reset.

 

Brett_Tabke




msg:4586072
 1:08 pm on Jun 20, 2013 (gmt 0)

[news.softpedia.com...]

“Moniker’s Operations & Security team has discovered and blocked suspicious activity on the Moniker network that appears to have been a coordinated attempt to access a number of Moniker user accounts,” the company said in the notification sent to customers.

“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data and domains remain secure. This means that, to be absolutely sure of the security of your account, we are requiring all users to reset their Moniker account password,” Moniker said.

martinibuster




msg:4586073
 1:12 pm on Jun 20, 2013 (gmt 0)

Official Moniker announcement. [t.lt02.net]

brotherhood of LAN




msg:4586086
 2:13 pm on Jun 20, 2013 (gmt 0)

Hopefully anyone involved here has kept their contact details up to date.

swa66




msg:4586101
 2:29 pm on Jun 20, 2013 (gmt 0)

Hopefully nobody used the same password there and at any other place ...

bill




msg:4586296
 2:51 am on Jun 21, 2013 (gmt 0)

Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel.

robzilla




msg:4586746
 6:31 pm on Jun 22, 2013 (gmt 0)

Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel.

Yes, this is all very poorly handled. I'm locked out of my account until I hear back from support. Moving my domains elsewhere when/if I get back in.

bill




msg:4586808
 12:04 am on Jun 23, 2013 (gmt 0)

I had to call up Support for one account. The call was answered immediately and my issue was fixed very quickly.

I'd rather have them notify account holders of a breach, and initiate a password reset campaign like this though. Sure, it's probably stretching their resources at the moment, but I think they did the right thing. Perhaps this will encourage them to smooth out their account management system and to add more security options.

robzilla




msg:4586843
 8:57 am on Jun 23, 2013 (gmt 0)

I'll admit this isn't the sole reason why I'd prefer to move things elsewhere, but the fact that support isn't responding to my e-mails does nothing but reinforce that preference. The interface hasn't changed in a while, for one, despite the fact that it's not very usable. I did get back into my account, thankfully, after they somehow (weirdly) changed the security question and I was able to answer that successfully.

ergophobe




msg:4587270
 9:21 pm on Jun 24, 2013 (gmt 0)

The worst part of this is that I had to log into Moniker and

1. As is frequently the case, I seem to have to do a password reset and can't actually manage it without calling support. Now I manage hundreds and hundreds of logins and there are only about 2-3 where I seem to have persistent problems.

2. Then I log in and my head hurts. How do I *do* anything on that website?

The only thing that keeps me there is inertia and memory decay (in oterh words, when I'm ready to overcome the inertia, I forget why I dislike Moniker so much).

ergophobe




msg:4587272
 9:24 pm on Jun 24, 2013 (gmt 0)

Hopefully nobody used the same password there and at any other place ...


Second login compromised this month and second one that was a randomized, auto-generated password. It's always reassuring to look at my old password and realize that it is not used elsewhere.

julinho




msg:4587305
 1:05 am on Jun 25, 2013 (gmt 0)

A few years ago, I created an account with moniker and tried to register a domain.

The domain was available, but moniker wouldn't register it.

A few days later, I received a message from the "security division" at moniker asking me to confirm some information I had provided, or otherwise the domain wouldn't be registered.

I then asked if, should in the future I want to register a domain in a hurry, I would be subject to such delays.

The person said that he was THE "security division" at moniker; he was in holidays when I tried to register the domain, hence the delay.
In the future, should he be again in holidays, yes, I would have to wait for his return.

I asked for a refund (they kindly agreed) and never came back to moniker.

Webwork




msg:4587822
 1:03 pm on Jun 26, 2013 (gmt 0)

Alrighty . . Just went to login x4 and each time I get . . . "!Problem loading page! The connection has timed out."

Maybe their hacker friends aren't yet done having fun?

Or maybe their security expert has decided that making the site inaccessible will be the best solution for now?

superclown2




msg:4593107
 10:24 pm on Jul 14, 2013 (gmt 0)

So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com)I finally discovered today that I couldn't logon. I tried the 'forgot password' link but I was asked security questions I have no recollection whatsoever of. I emailed support but got a standard automatic reply asking me to submit a ticket. I filled in all the details, clicked the submit button and was asked to logon before it could be sent. I couldn't logon because ............

What a shambles.

On another note; if and when I finally do get another password it will be alphanumeric only, special characters are not accepted. No wonder they got hacked.

superclown2




msg:4593494
 11:15 am on Jul 16, 2013 (gmt 0)

So I finally got through to Moniker via my Snapnames account (!) only to get a boilerplate request to phone them. Much against my will I tried to do so instead of going to bed (Like, I suspect, most of their customers I am in a different timezone) only to give up trying half an hour later. Does anyone know any way of actually contacting a real live person in this company?

bill




msg:4594081
 3:04 am on Jul 18, 2013 (gmt 0)

So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com)

I just re-checked all the notices I was sent about this. They all came from moniker.com e-mail addresses, but looking at the header they did use some service called listrak which may have thrown things for you.

As mentioned above, I did have to call them. During the earlier days of this issue they must have had additional staff allocated because I was surprised to reach someone outside their regular business hours.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Domain Names
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved