Password changed by 127.0.0.1

Hey

Does anybody knows, how this could happen?

I wasnt able to login today due to password-missmatch error.
Didnt changend my secure password since 2018 and used a password manager + 2FA security on cloudflare login. I resettet the password and was able to login again afterwards.

I checked audit log and found out, that at 9:45pm my account password was changend by localhost ip 127.0.0.1 and before a logout was done by same ip.

Looks like cloudflare support or system did that.
But why?

I didnt received any email about that.

I just wonder, if my password may be to old and got auto resettet after 5 years ? Is that possible ?
Screenshot 2024-06-12 144225

2 Likes

Hi t.beyer,

Exactly the same issue here! Was unable to log in a few moments ago although I had not changed login credentials in any way. Used the ‘forgot password’ link to reset (which annoyed me as I knew very well that I had NOT forgotten my password).

During the reset procedure I noticed that Cloudflare have strengthened the password creation rules, requiring a greater mix of characters including special characters and numbers. That’s fine and good practice… BUT…

It’s disconcerting at best and highly unprofessional to say the least, to update policy like this behind the scenes without letting users know what on earth is going on.

Incidentally, my audit log shows that my password was changed by 127.0.0.1 at exactly the same time as yours was.

2 Likes

Hello @t.beyer and @southwesttest, thanks for sharing your concerns with us.

We understand that this can be confusing, and we do apologize for the unexpected events.
At this point you have received a ticket / email with more details on what has happened, why you are seeing that record in Audit Logs and what actions to take.
We appreciate your understanding and cooperation.

Please let us know if you need anything further by replying to the ticket, and it will be automatically reopened.

2 Likes