I would have expected them to message them, in order to resolve any issues, if I haven’t got access to my old email. Instead, they assume that I still have access to it, by simply emailing the email provider!
If I could do that, I wouldn’t have lost access to it through would I?
NuXCOM_90Percent@lemmy.zip 6 months ago
I mean… It would be nice if they put a nicer message there. But I mostly agree with that.
Look up how people social engineer their way into apple accounts and so forth. The more you put the burden on a (perpetually) underpaid CSR the easier it is to steal an account, Spin a sob story and then harass the CSR until they just reset your password so you will go away. Except there is no guarantee that is YOUR password and now we have yet another stolen account.
bogosort@discuss.tchncs.de 6 months ago
Also works on EA accounts. Got mine stolen through Customer Service a few months ago. But when I contact them through the email the account was set up with they don’t reinstate me.
Wish there was a solution to these problems that deals with both issues.
NuXCOM_90Percent@lemmy.zip 6 months ago
There is.
2FA. No, not the fucking “we’ll send you an SMS” bullshit that is increasingly used to just highlight an active phone number for spam purposes. Proper TOTP with the code backed up to a proper service (bare minimum, Bitwarden)
Someone can steal your password and even your email account (unless you TOTP that too…). They still can’t get into your account unless you are an idiot who gets tricked into providing the 2FA key.
In a perfect world? Have your TOTP credentials in one encrypted database/Bitwarden account and your passwords in another. In reality? Just use a trusted service. I used to be a big fan of Keepass but protecting that with a yubikey (or similar) is a huge mess.
ArmokGoB@lemmy.dbzer0.com 6 months ago
It’s just passing the buck for their service. They should be solely responsible for lockouts on their service.
insufferableninja@lemdro.id 6 months ago
you seem to be misreading the message. if you no longer have access to your email account that is linked to discord, what the hell can discord do about it? nothing. so you have to contact the email provider’s customer service to get access to your email account.
this is not just reasonable, it’s the only way it could work. or do you think Google customer service will help you reset your lemmy password?