MongoDB cloud accepted an email with .con for 7 years before locking my account
I’ve been using MongoDB Cloud for over 7 years with an account registered under an email ending in .con — just a simple typo for .com.
Everything worked perfectly for years: sign-up, billing, access, all fine.
Then recently, I was suddenly locked out because “you can not verify your e-mail.”
Of course, .con isn’t even a valid gTLD. Which means MongoDB’s system not only accepted it during registration, but let it function for 7 years without issue.
Now I can’t access my data or account, and support says they can not make changes to the account due to security policy that requires verification with wrong gLTD e-mail.
I understand human errors happen — but allowing an impossible domain for nearly a decade feels like a validation issue worth flagging.
Anyone else seen something similar in production systems?
Well, you usually get it to be verified so never in production systems