[mzjs]

This is an issue with all providers, though. It's not specific to just DO.

[toxicFork]

Of course. The weakest link seems to be customer support when it comes to security.

[cpach]

Yep. That’s why it’s so crucial that these companies try to adapt solid guidelines in order to minizime the risks of social engineering attempts.

[nadams]

I wouldn't say all - but many. However, there is always more than one way to skin a cat.

Gandi states that they won't reset it - but offers instructions on how to do it [1]. Which, presumably if you are spinning up VMs the owner of the account should get an email notification.

[1] - https://wiki.gandi.net/en/hosting/gandi-expert/change-root-p...