[Jim Robinson]

Someone entered your screen name into our lost password feature. It sends the password for the account to the registered email address, so no harm done. My guess is the someone involved uses “Bob” as a handle on other sites and he was looking to see if he’s already registered here with that name.

[Cyber Liberty]

Jim answered. I think he knows his software.

[freeandfreezing]

My guess is the someone involved uses “Bob” as a handle on other sites and he was looking to see if he’s already registered here with that name.

The interesting part is that the person doing the checking just so happens to be accessing the internet via gate2-norfolk.nmci.navy.mil which lives at 138.162.0.42, or they forged their address to match the navy gateway server's IP address - a fairly tricky operation to pull off.

Sending passwords by email in response to user requests does risk interception of those emails in the outbound path from the FR server to the user, but normally that should be a fairly small risk.

[Bob]

Someone entered your screen name into our lost password feature. It sends the password for the account to the registered email address, so no harm done. My guess is the someone involved uses “Bob” as a handle on other sites and he was looking to see if he’s already registered here with that name.

Thanks, JimRob. While I suspected that was the case, I was a bit surprised at the Naval Network Information Center being the source of it. (At my age, I'm fairly certain that they have absolutely no interest in getting me back into the Navy.)