Password Issues?
Author: Amy Armitage
I just got back into town around an hour ago. Support staff asked me to post this for any Lunarpages customers experiencing password issues on their hosting accounts.
Over the last few days we have changed the passwords on any accounts that don’t have an updated password as requested by Lunarpages between January 10th - 17th.
The following is part of an email sent to all Lunarpages customers January 10th 2007
Next time you login to https://account.lunarpages.com you will be asked to update your password. We have seen an alarming number of
Lunarpages hosting accounts “brute force” hacked due to poor password choices. When this happens it causes considerable harm not only to an individual account but also to the server (i.e. spam being sent out that may cause black listing, phishing scams,high CPU loads, etc.).
To ensure this security upgrade is affective we will need ALL customers to update their passwords. We realize that you may not check your e-mail or login to your hosting accounts often enough to make this change in a timely manner. Because of this, we will generate random passwords on all accounts that have not updated within the next 7 days.
**Please note: If you are reading this after the 7 day period has already passed please simply e-mail support@lunarpages.com or call us at 877-LUNARPAGES (877-586-2772) and ask to have your password resent to you. At that point you can login and change your randomly generated password to one that better suits you.
Why?
In the email it is mentioned that we had to make the changes to the passwords for security reasons, due to brute force attacks on the passwords for those accounts. Here is a really great article, which goes into detail about a process that is similar to that which has lead to our updates of the process:
http://www.wired.com/news/columns/0,72458-1.html?tw=wn_story_page_next1
We apologize for any inconvenience as a result of this situation, however, your security, and the server stability are the reason behind these changes.
Here is the quick fix:
To change your password, please login and click the Change Password icon.
Please note, there is now a “forgot password” option available on the login page.
If you have your account username, but forgot the password, you can have it re-sent to the email address on record for the account by doing the following:
2. Fill in the Username
3. Place a check in the “Lost Password” box
4. Click Login.
You will see a notice when you do this:
Email with login information sent to email we have on file
The subject reads “Lunarpages Hosting - Requested Information”
That Didn’t Work! I STILL CANNOT LOGIN TO CPANEL!
If you changed your password via the CAP and it has not propagated to cPanel, please read below on what we require from you when you email us regarding this.
That Didn’t Work! I STILL CANNOT LOGIN TO PLESK!
If you have changed your password via the CAP and it is not allowing you to login to Plesk, please try logging into your plesk panel with the old password on your account. Once logged in, you can update the password via the Plesk panel.
That STILL Didn’t Work!
Call us 877-586-2772 (We are open until Midnight) - or email us support@lunarpages.com or please visit our forums
Where is my email with my password info?! Email Support is taking longer than usual! Phones Are Busy!
Yes, they are. We have thousands of customers needing assistance to access their passwords, so as a result, there are extended delays on the phones. Our Email Support staff are doing their very best however to speed things up, please try the above solutions.
If you did not receive the welcome email or the information listed does not work, it will expedite things if you provide the following info:
Primary Domain:
CAP/cPanel Username:
Last Four Digits of the Credit Card on File:
If you cannot supply or do not have a credit card with us on file, please supply us with the following information:
First and last characters of the password on file:
Full Mailing Address on File:
Full Telephone Number on file:
Please also specify the alternate email address you would like your account information sent to or which service you attempted to log into with the credentials provided and the URL you used.
I think that about covers it. I hope this post helps some of you find a quick solution.
Thanks to all of our customers for their patience and for understanding why we must enforce these security changes. Just like our Mother’s always said..
“It’s for your own good” ;)