New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
For all of you that are concerned about some providers enforcing additional steps to ensure security I suggest you look for a more sympathetic provider that will care less. I hear GVH has a ton of free space on their servers.
Have good day
+1, every post makes it worse.
This is so cringeworthy.
@Catalin have you tried requesting the password change in another browser? I had the same problem in Chrome, but it worked in either ie or Firefox.
Such a broad statement.
have u seen the actual rates? Google it.
You realise based on actual rates most providers shouldn't accept orders from most of asia?
Either way its apparent you don't like how SEFlow handles their security measures.
I think the Mafia have better ways to steal identities than set up a hosting company, and wait for someone to forget their password. :P
The end-user is expected to troubleshoot things on their side now? Madness!
While it may seem archaic to ask for photo ID, or verify via a phone call etc - it's still one of the best ways to deter fraud (at sign up, and from account hijacking). Is it fool proof, and or problematic for people in a world of 'instant gratification' - perhaps, but it's not unhead of to make sure especially if there are any other 'foot prints' at play that may cause suspicion (multiple IP's, prior failed login threshold, etc). I don't disagree the OP's situation sounds frustrating though.
Your OS and Browser isn't exactly troubleshooting its just some bits of information that help all of us that work in Tech Support.
not just them..
Either way its apparent you don't like how SEFlow handles their security measures.
Hence why some countries are blocked (in my case). and its obvious they should not be trusted. if they are asking for serious PII
I have no qualms with how they manage their own systems; I do not use them so have no personal difference to them.
I will say I would rather someone have a higher level of security than just reset my account because an e-mail said so.
And no, Im not that guy that has 2FA enabled everywhere.
In my eyes that is racist and broadly stereotyping, but then again you have your reasons and I have my own; the wonders of free speech!
hi @hostnoob ,
just a clarification on what happened. Customer submitted account months ago, As our cloud work with credit you can cancel any vm on it and you will still had credit in dashboard. We had one login for all services. You can login to that dashboard and manage every service with us.
Customer simply try to bypass that dashboard and login to onapp. Reset password on our dashboard work well, but customer never tried from it, but try to retrieve password from onapp. We never wrote the login onapp url, so i suspect customer track it from previous access from dashboard. Reset password not work because there are no user on onapp!
In every welcome email we post a link of a video that explain how to login to our platform. As the customer had access to our dashboard and are months that use our services, for us was suspicious that he ask not from ticket but from a domains related mailbox how to login to onapp directly.... and we tried to verify his identity.
My question is: why not just open a trouble ticket instead send email?
That's all.
Why not 2factor verification? or just send a SMS code to the customer's phone so he can verify it quickly himself without sending anything "too" personal like ID/Passport.
Those systems are less privacy invading towards the customers.
In the not-too-small image above I see someone told him to email you. I think it's your co-worker.
Honestly, I would 100 % prefer @matteob asking for my ID than resetting a password without second thoughts. Yeah, it's painful and you may not like it, but is a nice assurance if you care about your data.
Because customer tried to recover password from a wrong place and not from a dashboard used to customer to login ;-)
That makes sense. I had OVH ask for my ID when I signed up and I didn't think it was a problem. I just blanked out everything except my name and address on my driver's license, and they accepted it. Plus by doing that I didn't give them any info they didn't already have from when I signed up.
Unless I am wrong here it seems likely that the OP did not sign up with real details so his ID would be useless anyway as it won't match.
But anyway, +1 to @matteob for the stance that it's more important to do the right thing.