We have just now changed our auth domain to our alternate safe default. It will likely force you to log back in, but we can confirm previously blocked users are able to get back into Letterhead.
Posted Apr 02, 2026 - 17:20 EDT
Update
Thanks, everyone, for your patience. We can confirm that it's not the domain but the underlying IP, managed by Auth0, that has been flagged by a third-party trustware service used by some ISPs. For those users, when authorizing with Letterhead, the auth screen shows a warning as either suspicious - or not available at all. We are coordinating with Auth0, Spectrum, and Xfinity. In the meantime, we are deploying an alternate auth screen to let people into their system.
Posted Apr 02, 2026 - 16:58 EDT
Identified
We've identified that our Auth0 auth screen (auth.letterhead.email) has been flagged by Spectrum and Xfinity ISPs, which manage their own trustlist. We have reached out to both.
Posted Apr 02, 2026 - 16:19 EDT
Investigating
Resetting the status to "investigating." We had accidentally progressed the status to "identified" when sending the latest comm.
Posted Apr 02, 2026 - 15:30 EDT
Identified
This appears to affect customers on Xfinity and Spectrum. We have reached out Xfinity. We are also progressively checking to identify the source of the flag. Our most recent scan across 95 datasets returns a green reputation. We apologize for the frustration and will keep you updated. If you are prompted by your ISP to accept a risk before logging in, we encourage you to verify for yourself, first.
Posted Apr 02, 2026 - 15:25 EDT
Investigating
People are encountering an issue where our login page (auth.letterhead.email) has been flagged suspicious, preventing them from logging in without deliberately accepting that risk. We are currently investigating and think this might be a configuration issue upstream with our auth provider (Auth0), and in the meantime encourage people to verify for themselves the Google Safe Browsing status (https://transparencyreport.google.com/safe-browsing/search?url=letterhead.email&hl=en) before accepting that risk.