Email notifications about portal logins

ENVIRONMENT: Datto Partner Portal

This article describes some email notifications about Partner Portal logins.

You receive an email from noreply@datto.com with a message similar to the following: "Successful Login from New IP Address. Datto has detected a successful login from a new location. Was this you? If so, please disregard this email. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."

Cause

Your Partner Portal credentials were used to log in to http://partners.dattobackup.com from an IP address not previously associated with your account. The login was successful.

Resolution

If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect your account successfully logging in to the Partner Portal from an unrecognized IP address. Should you receive an alert, Datto recommends performing the following steps to ensure the security of your account.

NOTE  Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.

  1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.
  2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.
  3. For added security, Datto also recommends enabling Multifactor Authentication (mfa) for your entire organization.
  4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.

You receive an email from noreply@datto.com with a message similar to the following: "Login from New IP Address. Datto has detected a login from a new location. Was this you? If so, please disregard this email. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."

Cause

Datto's authentication server detected your Partner Portal account logging into http://partners.dattobackup.com from an IP address that it has not recorded you logging in from previously.

Resolution

If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect your account logging into the Partner Portal from an unrecognized IP address. Should you receive an alert, Datto recommends performing the following steps to ensure the security of your account.

NOTE  Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.

  1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.

  2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.

  3. For added security, Datto also recommends enabling Multifactor Authentication (mfa) for your entire organization.

  4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.

You receive an email from noreply@datto.com with a message similar to the following: "Attempted Login from New IP Address. Datto has detected an attempted login from a new location. Was this you? If so, please disregard this email. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."

Cause

Your Partner Portal credentials were used to log in to http://partners.dattobackup.com from an IP address not previously associated with your account. The login was not successful.

Resolution

If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect your account unsuccessfully attempting to log in to the Partner Portal from an unrecognized IP address. Should you receive an alert, Datto recommends performing the following steps to ensure the security of your account.

NOTE  Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.

  1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.
  2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.
  3. For added security, Datto also recommends enabling Multifactor Authentication (mfa) for your entire organization.
  4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.

You receive an email from noreply@datto.com with a message similar to the following: "Attempted Login from Blocklisted IP. Datto has detected an attempted login from a blocklisted location using invalid credentials. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."

Cause

An attempt to log in to http://partners.dattobackup.com took place from an IP address which you blocklisted in your company settings. The login was attempted with a Partner Portal username and password combination that was not valid, and the login was unsuccessful.

Resolution

If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect an attempt to log in to your Partner Portal account by providing invalid credentials from a blocklisted IP address. Should you receive an alert, Datto recommends performing the following steps to ensure the security of your account.

NOTE  Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.

  1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.
  2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.
  3. For added security, Datto also recommends enabling Multifactor Authentication (mfa) for your entire organization.
  4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.

You receive an email from noreply@datto.com with a message similar to the following: "Attempted Login from Blocklisted IP. Datto has detected an attempted login from a blocklisted location using valid credentials. If this wasn't you, please reset your password or contact Datto Support to keep your Datto account safe."

Cause

An attempt to log in to http://partners.dattobackup.com took place from an IP address which you blocklisted in your organization settings. The login was attempted with a valid Partner Portal username and password. Because the IP address was blocklisted, the login was not successful.

Resolution

If you have opted into Partner Portal email alerts, Datto will send you a security notification similar to the example shown in Figure 1 any time that our servers detect an attempt to log in to your Partner Portal account by providing valid credentials from a blocklisted IP address. If you receive an alert, Datto recommends performing the following steps to ensure the security of your account.

NOTE  Logging into the Partner Portal from a device that uses a temporary IP address lease, such as a smartphone, may trigger a portal alert. When reviewing the notification, keep this information in mind.

  1. Review the IP address and the time stamp shown in the email. If you recognize the IP address and the login time shown, no further action is necessary on your part.
  2. If you do not recognize the login activity, your account may have been compromised by an attacker. Reset your Partner Portal password immediately. Review your account for any signs of malicious activity.
  3. For added security, Datto also recommends enabling Multifactor Authentication (mfa) for your entire organization.
  4. If you have further questions or require additional security-related assistance, contact Datto Technical Support.