I received a small barrage of emails from Hover (my domain name host of choice) telling me I’d logged into my account from a dodgy-looking IP addy.
I had not, of course. I was eating my healthy post-workout breakfast at the time.
I wasn’t silly enough to click on the password reset link. Instead, I went to the website and logged in manually. Yep. Fifteen minutes earlier someone, possibly Vladimir Putin, had been nosing around in my online unmentionables.
I hit up the live chat, got an actual human being which is a nice feature of Hover’s service, and sorted that shit out fast.
Not sure how my login leaked but I checked the activity log, saw Vlad sneaking around while I was eating breakfast, and noticed I’d turned off two-factor back in April. I never turn off two-factor, but in April I let an old domain name slip quietly across the rainbow bridge and I must have hit a check box at that time that disabled 2F.
Oh, and fuck you, Vlad.