Locked out of your account? Help for account access issues.
- Thread starter zeadmin
- Start date
Chris Cherry
Zoneedit Support
The link doesn't open a webpage. It confirms that you wish to reset the password. When you click the link, a *second* email with the login credentials is sent to you. Is the password reset email going into a Spam or Junk folder?
Aparadissis
New Member
I get the email. When I try to reset it the action never completes. I will try again tomorrow morning and get screen shots.
Chris Cherry
Zoneedit Support
You can send that info to access @ zoneedit.com, and we'll take a look.
NEW QUESTION
I got locked out of my former email address for my zoneedit account and do not use Andriod or IOS for my phone I would like to change my email on the account but can not access the account.
Is there any other way to verify my identity so I can manage my domain ?
FYI my domain name is my last name lol
my IP address that I am on now is the IP used for my domain
I can put my calls only telephone number in my user profile
I sent email to access@zoneeit.com with
subject "Locked out of email and my zoneedit account"
from same email I used to register this forum username
I can provide photo id drivers license with same info as my zoneedit account
I got locked out of my former email address for my zoneedit account and do not use Andriod or IOS for my phone I would like to change my email on the account but can not access the account.
Is there any other way to verify my identity so I can manage my domain ?
FYI my domain name is my last name lol
my IP address that I am on now is the IP used for my domain
I can put my calls only telephone number in my user profile
I sent email to access@zoneeit.com with
subject "Locked out of email and my zoneedit account"
from same email I used to register this forum username
I can provide photo id drivers license with same info as my zoneedit account
Last edited:
Chris Cherry
Zoneedit Support
All of that will be taken care of via the access email request.
Thanks Chris I sent another email about merging two accounts I created another today to register a new domain I am setting up new email server and the delay would interfere with resolution for a new site launch this week.
LOL I just got another automated response telling me to use this forum from the new email to both access and support.
Subject of email "Is it Possible to merge my accounts? Unable to access former account" ticket numbers 5502947 and 0101673
Chris Cherry
Zoneedit Support
You can move domains between Zoneedit user accounts - https://support.zoneedit.com/en/knowledgebase/article/moving-domains-between-zoneedit-accounts
Token authentications for two factor authentication question / suggestion?
While I comprehend the desire for two factor authentication it is severely problematic in many ways for non casual technology creators.
The issue stems from a couple of assumptions made when two tokens are used.
#1 the first is assumption of use of Google or Apple products there are about 90 telephone operating systems in use today Andriod and IOS are only two.
#2 Email token generation is inherently insecure as smtp is vulnerable to man in middle and interception by packet capture. The assumption of security in email system is false.
#3 Device portability is necessary for development and in multisystem or grid of servers the assumption tat a single device that stores the token is a flaw.
#4 Often companies will use SMS as a method of authentication like Amazon does this is as bad as and worse than smtp (email) as the actual sms protocal is either Xmpp or SMTP all phone numbers have a email address for the phone number and the server for all phone numbers is public info to allow text messaging to work between networks. I can automatically look up the telephone numbers email server and do a PCAP on the IP with my text message content as the filter and find the token in capture, same goes for all cellular traffic. CLEC license holders do these things as normal QOS testing. This assumption of any SMS security is flawed.
#5 The use of either Apple or Google for any form of security is a major false trust issue as both are 100% compromised and easily circumvented due to their use of SWIFT security provided by Dr Chow of Elizabethtown University head of cyber security as the basis for secure payment. This system is designed on a 56bit 1976 security standard that was implemented in 1981 and has not been updated since. LOL ANy standard 64 bit home computer can access the system and defraud security measures with a bit of knowledge. Trust in their security is laughable. I know I have directly addressed the issue and was informed that they also rely on perceptual security.
Suggestions
#1 allow account holders to opt out of two factor token authentication.
#2 As simple asterisk server can be set up with a voice menu prompt to enter a displayed captcha code on login the person logs in with correct password their phone number on account is called and they enter on screen captcha prompt this allows the asterisk server instance to authenticate the current session token on server side until user logs out. Call Data Record provides receipt of transaction.
#3 When a user logs in with two factor opted out of, the already provided questions and answers can be used to verify identity.
While I comprehend the desire for two factor authentication it is severely problematic in many ways for non casual technology creators.
The issue stems from a couple of assumptions made when two tokens are used.
#1 the first is assumption of use of Google or Apple products there are about 90 telephone operating systems in use today Andriod and IOS are only two.
#2 Email token generation is inherently insecure as smtp is vulnerable to man in middle and interception by packet capture. The assumption of security in email system is false.
#3 Device portability is necessary for development and in multisystem or grid of servers the assumption tat a single device that stores the token is a flaw.
#4 Often companies will use SMS as a method of authentication like Amazon does this is as bad as and worse than smtp (email) as the actual sms protocal is either Xmpp or SMTP all phone numbers have a email address for the phone number and the server for all phone numbers is public info to allow text messaging to work between networks. I can automatically look up the telephone numbers email server and do a PCAP on the IP with my text message content as the filter and find the token in capture, same goes for all cellular traffic. CLEC license holders do these things as normal QOS testing. This assumption of any SMS security is flawed.
#5 The use of either Apple or Google for any form of security is a major false trust issue as both are 100% compromised and easily circumvented due to their use of SWIFT security provided by Dr Chow of Elizabethtown University head of cyber security as the basis for secure payment. This system is designed on a 56bit 1976 security standard that was implemented in 1981 and has not been updated since. LOL ANy standard 64 bit home computer can access the system and defraud security measures with a bit of knowledge. Trust in their security is laughable. I know I have directly addressed the issue and was informed that they also rely on perceptual security.
Suggestions
#1 allow account holders to opt out of two factor token authentication.
#2 As simple asterisk server can be set up with a voice menu prompt to enter a displayed captcha code on login the person logs in with correct password their phone number on account is called and they enter on screen captcha prompt this allows the asterisk server instance to authenticate the current session token on server side until user logs out. Call Data Record provides receipt of transaction.
#3 When a user logs in with two factor opted out of, the already provided questions and answers can be used to verify identity.
Thanks Chris that will be handy once I regain access to my original account LOL
JoannaBale
New Member
Dear Support
We are trying to access our account, but the email registered against our domain name no longer exists, so when you send a link to a***********r@b*************r.co.uk we cannot receive it.
Can you help us amend the email associated with our domain name b*************r.co.uk please.
Kindly advise how this action can be completed - what proof you require to undertake this urgent request.
Many thanks
We are trying to access our account, but the email registered against our domain name no longer exists, so when you send a link to a***********r@b*************r.co.uk we cannot receive it.
Can you help us amend the email associated with our domain name b*************r.co.uk please.
Kindly advise how this action can be completed - what proof you require to undertake this urgent request.
Many thanks
please contact us at access@zoneedit.com. regards..
Dear support, I just ran into the known problem of having the domain where the login token is sent pointing to the wrong IP (thus the reason I needed to log in to fix the IP for the domain). I sent a message about this to acces @ zoneedit.com . Since this is for domain(s) I use for a few different things, what is the expected reply time for the access-email so I can manage expectations on my end as to when things will be back up?
Thank you,
Bjorn
Thank you,
Bjorn
I got around the problem for now by changing the DNS info for the email domain to a different DNS provider, and then got access to the login token as the domain now resolves properly through the other DNS provider. So the fix here is for me not to use the contact email as one of the domains whose DNS is hosted here, and/or for Zoneedit to provide other forms of MFA tokens (Google Authenticator?) than an email to a domain that may not be routeable until I'm able to log in... ;-)
Thank you for the info Sandy. Is there any hope for providing a different / better method for MFA than email in the future?
Thanks,
Bjorn
at present the options include google auth, email and SMS:
support.zoneedit.com
regards.
Account Security
support.zoneedit.com
regards.
Yes, you're absolutely right - I see that now that I'm back in there. Thanks for your help! I've activated authenticator for MFA now.at present the options include google auth, email and SMS:
Account Security
regards.
-Bjorn