Before I start, let me mention that this happened back around summer of this year (2002).
I registered a domain with liquidweb.com, and I thought they were the perfect host! Very quick, and reliable. Well, I changed my mind very quickly the day they gave my password out. My eMail addy is email@example.com
, and some idiot emailed their tech support, from w0wcyber@HOTMAIL.com
, and asked them to resend the password because he forgot it. The tech guy, being the nice man that he was, sent out the password to both email accounts, mine and the fraud's. The fraud proceeded to go in and change all my settings. I recovered the account quickly, and changed all my password, and reset my settings, but it left me questioning the security of LiquidWeb.com. When I contacted them, obviously a little angry that they'd give my password away, they tried to shake it off and say they never did it. Even though I fowarded them a copy of the email coming from their company with my password in it! I quickly cancelled my account, but since then I've been sure to specify to all my hosts to only answer emails from that ONE eMail that I've provided.
I'm sure it was a simple slip-up from LiquidWeb.com, but how can they explain denying that they sent out the password? Accept responsibility! What if I'd been running a large eCommerce site? Would the safety of all my customers have been compromised?
Just my 2 cents.