It looks like you're new here. If you want to get involved, click one of these buttons!
Python
Forum LeaderThe Royal RAM
Long story short I’ve had mfa via Authy on my godaddy account since day one. It’s setup as single device only and I’ve confirmed with Authys security team my account there wasn’t breached.
My GoDaddy account settings under active sign ins consistently shows an IP address and location I’ve never used, vpn’d, hosted of know anything about. I remove it and it’s back within 24 hours.
I removed it last again night and checked again today and it is back. GoDaddy support confirmed someone is able to access my account somehow bypassing the MFA but is refusing to give me any information or assistance. I was told they will not provide more info on it other then confirming it is going on and told me to talk to legal and get a court order.
What’s strange to me is it doesn’t appear they even consider this a potential breach of their system. They will not be escalating it or doing an internal investigation as far as I know. Does anyone know why they are taking this stance when they confirmed to me that MFA is set and still someone is accessing the account? They say they don’t know how it’s happening which in my mind should trigger someone looking into it to make sure they don’t have a hole in their system.
It’s always the same location and IP that shows up in the active logins. What’s strange is under sign in history I only see my sign ins and nothing from anything I don’t recognize as me. What should I do?
The Royal Ram
Comments
That is just scary that someone is accessing your Godaddy account and you should move away from them immediately.
I don't find Godaddy to be a good host although they're a good domain registrar.