Had some unwanted excitement this morning.

I received a small barrage of emails from Hover (my domain name host of choice) telling me I’d logged into my account from a dodgy-looking IP addy.

I had not, of course. I was eating my healthy post-workout breakfast at the time.

I wasn’t silly enough to click on the password reset link. Instead, I went to the website and logged in manually. Yep. Fifteen minutes earlier someone, possibly Vladimir Putin, had been nosing around in my online unmentionables.

I hit up the live chat, got an actual human being which is a nice feature of Hover’s service, and sorted that shit out fast.

Not sure how my login leaked but I checked the activity log, saw Vlad sneaking around while I was eating breakfast, and noticed I’d turned off two-factor back in April. I never turn off two-factor, but in April I let an old domain name slip quietly across the rainbow bridge and I must have hit a check box at that time that disabled 2F.

How embarrassment.

Oh, and fuck you, Vlad.