For the second time in the last few months, GoDaddy has locked my account and forced a password change “for security purposes”. While I would expect this kind of behavior if someone managed to login to my account in another country or in an area that I’m not normally in, GoDaddy seems to be jumping the gun a little bit and generally being silly about how they’re handling this.
To give a little bit of background, I have two-factor authentication turned on as I do with all of my accounts that support it. If someone did manage to guess my password, I would have received a text message with a verification code; I have not, however, received an unwanted text which means that no one actually guessed my password. Therefore, asking to change my password is a bit premature; it’s as if I were asked to change the locks to my home because someone tried to get in with my neighbor’s key.
In other words, I was asked to change my password because it succeeded in protecting my account. Thanks GoDaddy.