Account: Notification of "Lost Password Attempt Failed"

Modified on Tue, 24 Aug 2021 at 07:00 AM

Question

 

I received a system notification email about an attempt made to get my domain account password. The notification email looked like this: 



There was an attempt made to get your account password.

Please note that many login names are similar and someone may have made an error in their request, or were guessing at their login name.

This request came from _____IP Address_______

We do not have any additional information to provide you. 

If you are concerned about this attempt, you may want to change your password and/or the answer to your secret question on your account information page.

This is an automatically generated email, please do not reply.


What is this and what does it mean?



Answer


That is an automated notification from the system, which is sent to the domain account email address when someone starts the password reset process for the domain account (from https://www.enom.com/help/SendPassword.aspx), but is not successful because the answer to the secret question on the account did not match.


This failed password reset attempt could mean a couple things:

  1. Someone accidentally typed in your Login ID because it was close to theirs
  2. Someone has your Login ID and is actually trying to get into the account by having the domain account password sent to the account email address


To successfully go through the password reset process, a few things are needed:

  1. The Login ID
  2. The answer to the secret question on the account
  3. Access to the account email address to receive the password reset link


Although this notification relays that an attempt was made, it does not mean anything was breached. The notification means that from this attempt, a password reset email was not sent. It gives the IP address of the computer making the attempt. You can lookup this given IP Address to find the IP location, using an IP lookup tool like at whois.domaintools.com.


The automated email states if you are concerned about the attempt, you can change the domain account password and/or answer to the secret question. It is always good to make security settings stronger by having longer passwords or more specific security questions and answers. However, your password and answer to the secret question on the account was not exposed due to this attempt.


In addition to changing the password and/or the answer to the secret question, additional security measures that can be enabled on the account are "Account Validation" and "Two Step Verification". More information on how to set up these additional security measures is in these HelpDesk articles:




Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article