This morning I awoke to over 1200 emails of people successfully logging into parallels, but needing confirmation. I immediately changed my password. However, in an early-morning stupor, I clicked on one which I thought was for my login attempt, confirming a browser in a whole different country. My questions are: - When you send a confirmation email, for how long is it valid? - When I change my password, does it invalidate other login sessions, validated by the former password? (It should.) - Why would I receive so many logins from a bot? I don't see any sensitive information, but I also do fully use Parallels. What are these hackers trying to get from my account? I know, there could be a "who knows" response, but I need to know what could be targeted so I can watch. - Is there someone/somewhere that I can talk to so that activity on my account can be monitored and reported? The parallels site is very basic and doesn't offer much. On the one hand, that's a good thing because it's easy to manage, however, I don't see any access logs or anything of that nature. You guys are already sending out security confirmation emails, it'd be nice to know which emails have been confirmed and then accessed through in other regions. - Last, even after changing my password, these confirmation emails are trickling in. They aren't recent though. GMail is telling me these attempts were about 20 minutes ago when they show up in my inbox. Not sure why they keep showing up, but do you guys have multiple authorization servers, and how long does it take a password change to propagate across all of them? Thanks for your assistance.
