Paul P

John
I don't know where they are coming from but I wish CW would respond with something concrete.  

I hope the Cakewalk accounts are secure.  While trying to authorize a free plugin, I recently got access to account product lists and their serial numbers for as many accounts as I cared to try over at iZotope (all while failing to update my own account).

Right. Its very disconcerting. I don't think it would hurt if we all made a group protest about it. It needs to be dealt with. Or at the least we need to be reassured. 

1andyf88
Your Cakewalk password has been reset to the following: v:lE#v*5

Please sign in and change your password here: https://www.cakewalk.com/.-Account/Change-Password

That sort of message (from any web site) is usually the result of pressing the "I forgot my password" button.
 

There are only two ways an account password is reset and that email is triggered.
 
1) someone clicks the one-time link generated and sent to your email address. Example:

 
Hello Ryan Munnis [Cakewalk], 

A request to reset your Cakewalk Account password has been made. To reset your password, please click the following link: 
 
[Link]

If you did not request to reset your password please discard this message. 

Best Regards, 
Cakewalk Account Management

 
2) someone on Cakewalk Support Staff does it at the request of a user
 
With that being the case, my suspicion is either Cakewalk Support Staff (I'll follow up internally), or that someone has access to your email. I'd reset your passwords for both your Cakewalk Account and Email Account (as well as disable any Email Clients / portable devices, etc. that may have access to your email address).
 
BTW John, I believe we may have discussed before, but given how common "John" is for a name, my suspicion is many people attempt to reset their account password pre-emptively by entering "John". As mentioned above, however, they cannot reset your password, only create a request to reset.

Quick question... If I say I forgot my password does it ask me for my email, or just user name? If just user name, I can see this almost getting abused.

It asks for either (by extremely popular demand of people who forget one or the other).

I followed up internally and it looks like one of our support reps did indeed initiate this and has an open email thread with the OP. Looks like there was some miscommunication.

Thanks Ryan. I did indeed, after receiving the email, change the account password and my user name,.I have also changed my email password. I however do not have an open email thread with anyone. I did not initiate a change password request. This email just showed up in my mailbox. At any rate, I can't complain about Cakewalk fast response to this, both on the way hone and here in the forum. We shall see if the above changes solve the problem.

Ryan Munnis [Cakewalk]
There are only two ways an account password is reset and that email is triggered.
 
1) someone clicks the one-time link generated and sent to your email address. Example:

 
Hello Ryan Munnis [Cakewalk], 

A request to reset your Cakewalk Account password has been made. To reset your password, please click the following link: 
 
[Link]

If you did not request to reset your password please discard this message. 

Best Regards, 
Cakewalk Account Management

 
2) someone on Cakewalk Support Staff does it at the request of a user
 
With that being the case, my suspicion is either Cakewalk Support Staff (I'll follow up internally), or that someone has access to your email. I'd reset your passwords for both your Cakewalk Account and Email Account (as well as disable any Email Clients / portable devices, etc. that may have access to your email address).
 
BTW John, I believe we may have discussed before, but given how common "John" is for a name, my suspicion is many people attempt to reset their account password pre-emptively by entering "John". As mentioned above, however, they cannot reset your password, only create a request to reset.

It was me I think that brought it to your attention. I am totally happy now with your response. I don't use a log in manually. I have my browser set to automatically to log me in. Rarely do I log in myself. I'm going to watch this a little closer and try to figure out what conditions cause an email to be sent. What might be a problem is a delay in logging in and the email being sent. Though I can't be sure of this at the present time. It seems that these emails are sent at odd times. The funny thing is I have been on these forums very shortly after they were implemented. I was on the newsgroup and was reluctant to come here. That said, I can't recall ever seeing this happen before.  
 
I do hope you understand my concern about this as there is so much talk about all sorts of nasty things going on lately. I can say I am very pleased that you posted here and shed some light on this. I really thank you for that.    

EDIT: Whoops-didn't see your post John or the ops-I need to scroll all the way down next time-sorry guys
 
I don't think clicking on a link like that is a good idea. I would log in again and change the password again-that's if you logged in with the link you received and changed it. Just me-I'm old :-) 

stratman70
I don't think clicking on a link like that is a good idea. I would log in again and change the password again-that's if you logged in with the link you received and changed it. Just me-I'm old :-) 

Yes.  Reading the post above I checked the link, expecting to see something from Russia or Pakistan.  I was kind of surprised to see the correct Cakewalk address.

1andyf88
This is what I received as an email. I have since changed the password twice. I never initiated a password change or reset.

Cakewalk Password Reset

Cakewalk Account Management
to me
18 minutes agoDetails
Hello AndyF,

Your Cakewalk password has been reset to the following: v:lE#v*5

Please sign in and change your password here: https://www.cakewalk.com/.-Account/Change-Password

If the above password is not accepted, please try typing it in manually instead of copying and pasting it.

Best Regards,
Cakewalk Account Management

This sounds exactly like someone clicked the "forgot password?" link for your userid and the forum software dutifully picked a scrambly password and sent it to you at your email registered with the forum. This could happen harmlessly without anyone successfully accessing your email or your forum account.