Login Security Agent Live
Monday, January 25th, 2016Usually, for the weekly blog post we try to write about something informative, about a new service we’re rolling out, etc. This past Wednesday, though, we had an interesting incident in our support team we’d like to share with you.
Mid afternoon, William Wakely, an relatively new customer for Register4Less, contacted our support via the secure online chat on our website. He was reporting that overtime he logged our of his account, his password would get reset. He was able to log back in by using the email that is sent with the Lost Password function.
Passwords of course will not reset themselves. The only way for a password to get changed is for someone that is already logged in to go to the menu Profile > Change Password and submit a new password. Once we were able to confirm William was the true domain owner, we asked him to check the Login Security Agent (LSA) page (also under Profile).
Sure enough, William was able to see there was another login session active from a different IP address. William provided us with the IP address, and we were able to see this was coming from a different internet service provider from his, and not one that he recognized.
William had not yet setup the LSA kill password, so he did that while we were still on our chat session, and once set up, terminated the other person’s login session, and then reset his password.
We don’t actively track how frequently the LSA kill session function is used, though we could if we went through all of our log files. It was however interesting and rewarding to be chatting with a customer and help them use this function live. With any other registrar, the customer and true domain owner would not able been able to kick the other person off of their account, so resolving this problem would not have been easy. LSA saved the integrity of William’s account!