Welcome to WebmasterWorld Guest from 54.227.82.149

Forum Moderators: buckworks & webwork

Message Too Old, No Replies

Moniker invokes system-wide pwd reset

suspicious activity

     

lorax

12:40 pm on Jun 20, 2013 (gmt 0)

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



In an email from Moniker this am, the company noted they discovered suspicious activity. They believe everything to be safe but to be sure have invoked a system-wide pwd reset.

Brett_Tabke

1:08 pm on Jun 20, 2013 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



[news.softpedia.com...]

“Moniker’s Operations & Security team has discovered and blocked suspicious activity on the Moniker network that appears to have been a coordinated attempt to access a number of Moniker user accounts,” the company said in the notification sent to customers.

“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data and domains remain secure. This means that, to be absolutely sure of the security of your account, we are requiring all users to reset their Moniker account password,” Moniker said.

martinibuster

1:12 pm on Jun 20, 2013 (gmt 0)

brotherhood of LAN

2:13 pm on Jun 20, 2013 (gmt 0)

WebmasterWorld Administrator brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Hopefully anyone involved here has kept their contact details up to date.

swa66

2:29 pm on Jun 20, 2013 (gmt 0)

WebmasterWorld Senior Member swa66 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Hopefully nobody used the same password there and at any other place ...

bill

2:51 am on Jun 21, 2013 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel.

robzilla

6:31 pm on Jun 22, 2013 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel.

Yes, this is all very poorly handled. I'm locked out of my account until I hear back from support. Moving my domains elsewhere when/if I get back in.

bill

12:04 am on Jun 23, 2013 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



I had to call up Support for one account. The call was answered immediately and my issue was fixed very quickly.

I'd rather have them notify account holders of a breach, and initiate a password reset campaign like this though. Sure, it's probably stretching their resources at the moment, but I think they did the right thing. Perhaps this will encourage them to smooth out their account management system and to add more security options.

robzilla

8:57 am on Jun 23, 2013 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



I'll admit this isn't the sole reason why I'd prefer to move things elsewhere, but the fact that support isn't responding to my e-mails does nothing but reinforce that preference. The interface hasn't changed in a while, for one, despite the fact that it's not very usable. I did get back into my account, thankfully, after they somehow (weirdly) changed the security question and I was able to answer that successfully.

ergophobe

9:21 pm on Jun 24, 2013 (gmt 0)

WebmasterWorld Administrator ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



The worst part of this is that I had to log into Moniker and

1. As is frequently the case, I seem to have to do a password reset and can't actually manage it without calling support. Now I manage hundreds and hundreds of logins and there are only about 2-3 where I seem to have persistent problems.

2. Then I log in and my head hurts. How do I *do* anything on that website?

The only thing that keeps me there is inertia and memory decay (in oterh words, when I'm ready to overcome the inertia, I forget why I dislike Moniker so much).

ergophobe

9:24 pm on Jun 24, 2013 (gmt 0)

WebmasterWorld Administrator ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Hopefully nobody used the same password there and at any other place ...


Second login compromised this month and second one that was a randomized, auto-generated password. It's always reassuring to look at my old password and realize that it is not used elsewhere.

julinho

1:05 am on Jun 25, 2013 (gmt 0)

10+ Year Member



A few years ago, I created an account with moniker and tried to register a domain.

The domain was available, but moniker wouldn't register it.

A few days later, I received a message from the "security division" at moniker asking me to confirm some information I had provided, or otherwise the domain wouldn't be registered.

I then asked if, should in the future I want to register a domain in a hurry, I would be subject to such delays.

The person said that he was THE "security division" at moniker; he was in holidays when I tried to register the domain, hence the delay.
In the future, should he be again in holidays, yes, I would have to wait for his return.

I asked for a refund (they kindly agreed) and never came back to moniker.

Webwork

1:03 pm on Jun 26, 2013 (gmt 0)

WebmasterWorld Administrator webwork is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Alrighty . . Just went to login x4 and each time I get . . . "!Problem loading page! The connection has timed out."

Maybe their hacker friends aren't yet done having fun?

Or maybe their security expert has decided that making the site inaccessible will be the best solution for now?

superclown2

10:24 pm on Jul 14, 2013 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com)I finally discovered today that I couldn't logon. I tried the 'forgot password' link but I was asked security questions I have no recollection whatsoever of. I emailed support but got a standard automatic reply asking me to submit a ticket. I filled in all the details, clicked the submit button and was asked to logon before it could be sent. I couldn't logon because ............

What a shambles.

On another note; if and when I finally do get another password it will be alphanumeric only, special characters are not accepted. No wonder they got hacked.

superclown2

11:15 am on Jul 16, 2013 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



So I finally got through to Moniker via my Snapnames account (!) only to get a boilerplate request to phone them. Much against my will I tried to do so instead of going to bed (Like, I suspect, most of their customers I am in a different timezone) only to give up trying half an hour later. Does anyone know any way of actually contacting a real live person in this company?

bill

3:04 am on Jul 18, 2013 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com)

I just re-checked all the notices I was sent about this. They all came from moniker.com e-mail addresses, but looking at the header they did use some service called listrak which may have thrown things for you.

As mentioned above, I did have to call them. During the earlier days of this issue they must have had additional staff allocated because I was surprised to reach someone outside their regular business hours.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month