New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hetzner Refused To Restore My Account!!
This discussion has been closed.
Comments
Typical germans !
I think I had to go through basic verification, but not the whole procedure of sending the recovery code for removing 2fa via physical post which would have taken weeks since the address I gave them was my grandparents, in China xD
This is really a problem in modern time, I always create multiple accounts for different services.
Not done this with Hetzner but have experienced similar at other companies and usually it requires you to write in from the correct email plus usually has a grace period in which you can reverse the decision if it was someone malicious and you later regain control.
Have passwords sync between multiple provider.. have mine between bitwarden,firefox sync, chrome, zoho vault...
Looks time password sync between edge and chrome is tha way
Microsoft and google two sides of the same evil coin. maybe a good foss password manager
No.. Use a password manager that doesn't rely on an external company to work, sync and back it up with your own tools.
Yeah, relying on whatever company for keeping access to one's password is nothing short of madness. You always want to have a healthy amount of backups under your personal control. If that's too much work i'd actually recommend plain old paper instead of any kind of digital solution at all.
Email is actually quite a weak form of identification. Admittedly these days there's usually at least SPF but if there isn't sender address says perfectly nothing in regards to authenticity. Even if SPF exists there is a good chance that forged sender is going to pass unnoticed. Personally i'd by vary of companies putting the account security bar that low but i guess the grace period at least prevents the biggest disasters.
Yes the grace period is a big part of it, but usually it's the proof of having received an email and then replied to it, rather than simply the sending of an email. Because to receive an email directed at that address you would need control over the mail server that is in the MX records.
And yeah it's not normally just email, often they will ask for a couple other details. In general there is less security on deleting accounts with a grace period though, as the main risk is accessing that data.
It's also something you don't know about a company until you try it, so hard to avoid those that do. If you're ever bored, try to social engineer your way into deleting or recovering your own accounts and you might find some surprising security gaps : D
Yeah, challange authorization actually makes sense. Email, the UDP of communication tools
We do exactly that when evaluating providers for critical stuff, for example domain registrars...
We have the account recovery secrets, then start testing how we can gain access without using them.
If a provider fails, we don't use them.
Do not use such large providers as they have a lot of customers and they do not care if there is one more or one less. If you register, memorize and write down all the registration data so that you don't forget.
The best way is a pen and a piece of paper. Or at least a sheet of notepad on your desk.
The usual address we use in the UK for these situations is:
PC Plod
999 Letsby Avenue
Trumpton
@Hetzner_OL so i won’t get my account back then ?
My servers now is down because unpaid invoices, some of my data is lost, some of my websites that i worked on for years in SEO now is down because of google and hetzner stubborn support
my servers went down after i mentioned @Hetzner_OL so you know, great job and great support 👍
If you can login to your SSH, why don't move your data and website to a different server???
yes, because still waiting for fk cloudflare to restore my account. I have sent them all they asked for a week ago amd i was hoping to restore my account without the need to move every domain to new account… and also one server there i lost access to
i don’t have one website to just move it
@Hetzner_OL can you restore my servers or just the server under OWS Inetrnal team so i can get my f data out?
Dude just give up and accept you've lost it.
If they can't verify your identity (and that being the reason you can't access it), why the hell would they listen to you and restore them?
Did you try the social media route? I don't think Hetzner's LET account is much more than a repost bot these days and getting in touch with one of their social media representatives is probably your only (small) chance of getting them to reevaluate the situation.
You should do this super quick though. From my experience Hetzner waits quite a bit until they actually shutdown servers due to non-payment, so you are probably way past due date with every minute lowering the chance of there being anything left to restore.
i opened my email i found that cloudflare has been restored my account
I asked hetzner support many times to trigger the payment via my registered visa card!!!
well i block my card sometimes for safety, but when i asked them it was active the whole time!!
I have restored paypal, and my bank account cloudflare, vultr, contabo, racknerd almost everything except hetzner, well hetzner be accountable for my data lose ? is the email the only way to prove who i am ?
@mrhost unsurprisingly support is not doing anything without clear authorization. As for responsibility: I'm pretty sure security (in every way) of login data is on the client, so unless there's some binding recovery procedure Hetzner listed and later violated it's a very, very huge stretch putting it on them (besides that if i remember correctly you couldn't even provide a matching address, which is seriously unlikely to be Hetzner's fault).
@mrhost didn't you claim you had access to the services as you had the ssh keys?
What was the reason to wait until the last moment to not get data backed up and find a new home?
Well i have moved almost everything except websites one server i don’t remember why i can’t connect to it maybe because it has older key or i had changed ssh port i usually do…, I was waiting and having a good faith in hetzner.