North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NSI's registrar db hacked

  • From: Michael P. Lucking
  • Date: Fri Apr 14 09:37:36 2000

On Thu, 13 Apr 2000, Rodney Joffe wrote:

> a) force guardian (crypt-pw seems the most reliable) on all new domain
> registrations

The other day I sent in a modify for a domain that I was tech contact
(using crypt-pw) and someone else was the admin/billing contact. The admin
contact got an after update notification that included my e-mail,
including the clear-text password. At one point in time NSI used to strip
the password off before re-emailing any form for any reason.

Also, I would love to use PGP, but they can't get that right either.

Michael P. Lucking                                    [email protected]