How to Protect Domains from being Stolen

[Sufyan]

So what do you people do to protect your domains from being stolen? Any tips? :?

 

[1901gt]

Move all your domains to registrar?

 

[Kate]

1. Have a secure (not free) corporate E-mail address in whois
2. Have a password that is hard to guess and not prone to brute-force attacks
3. Make sure your PC is not infected with spyware and leaking confidential information...
4. Use a registrar that will send notifications when critical account information is changed (passwords etc) or failed login attempts are made
5. Maintain accurate whois information

More later maybe

 

[sf2010]

1. Have a secure (not free) corporate E-mail address in whois
2. Have a password that is hard to guess and not prone to brute-force attacks
3. Make sure your PC is not infected with spyware and leaking confidential information...
4. Use a registrar that will send notifications when critical account information is changed (passwords etc) or failed login attempts are made
5. Maintain accurate whois information

More later maybe

Thanks for your tips. Expanding on spyware preventative steps, this is what I do:

1. Install a master virtual environment (xp, vista, whatever) using either Virtual PC 2007 (free) or VMWare 6 (not free).

2. Make a copy of #1 and strip off unnecessary services and use it to surf

3. Make a copy of #1 and use it to conduct transactions (surf only to known sites like your registrar, paypal - NO EMAIL)

Every week or so, delete the image in #2 and repeat. This will hopefully minimize risk of spreading viruses if it becomes infected.

PS. Change your registrar passwords often!

 

[footodors]

Thanks for your tips. Expanding on spyware preventative steps, this is what I do:

1. Install a master virtual environment (xp, vista, whatever) using either Virtual PC 2007 (free) or VMWare 6 (not free).

2. Make a copy of #1 and strip off unnecessary services and use it to surf

3. Make a copy of #1 and use it to conduct transactions (surf only to known sites like your registrar, paypal - NO EMAIL)

Every week or so, delete the image in #2 and repeat. This will hopefully minimize risk of spreading viruses if it becomes infected.

PS. Change your registrar passwords often!

Man, that's just plain nuts!

 

[DotWeekly]

1. Have a secure (not free) corporate E-mail address in whois
2. Have a password that is hard to guess and not prone to brute-force attacks
3. Make sure your PC is not infected with spyware and leaking confidential information...
4. Use a registrar that will send notifications when critical account information is changed (passwords etc) or failed login attempts are made
5. Maintain accurate whois information

More later maybe

That covers it, with #1 being very important.

 

[sf2010]

Man, that's just plain nuts!

Hehehe. It sounds more complicated than it really is.

VMware also has web browser appliances you can use (based on linux distro/ff)

 

[Sufyan]

Thanks all for the tips.

Is leaving your domain in unlocked state is dangerous while the transfer is in place?

 

[networkmsia]

another tip is, don't use public computers for domaining. Who knows what type of spyware/key-logger those computers might have.

and if your using a public wi-fi service, beware too as a nearby hacker might hack into your data.

 

[Kate]

Thanks all for the tips.

Is leaving your domain in unlocked state is dangerous while the transfer is in place?

When the transfer is initiated the domain status will update to pending-transfer so it should not be possible to initiate another transfer at the same time. Plus, extensions like .com require an auth code.

 

[Slick Domains]

I usually don't give out my passwords. So far this has helped avoid any domain theft. :D

 

[deleted984054565403]

1. Have a secure (not free) corporate E-mail address in whois
2. Have a password that is hard to guess and not prone to brute-force attacks
3. Make sure your PC is not infected with spyware and leaking confidential information...
4. Use a registrar that will send notifications when critical account information is changed (passwords etc) or failed login attempts are made
5. Maintain accurate whois information

More later maybe

To go along with #1 and #2, make sure your e-mail address has a secure password as well. Domains can be stolen by people gaining access to your e-mail and requesting passwords, thus breaking into your account at the registrar.

 

[scandiman]

Pay your reg fees :hehe:

 

[Dave_Z]

What everyone else (especially Kath) mentioned pretty much covers it. But I'll
add one more: being ready to work with the registrar in case it happens.

All in all, the most important tip to keep your domain names safe is to stay on
top of them. Easier said than done, but you're the best person to ensure that.

 

[james0306]

Pay your reg fees :hehe:

This is the most important protection. :D

 

[Sufyan]

Have a secure (not free) corporate E-mail address in whois

Can anyone please explain this tip in some more details?

 

[Kate]

Have a secure (not free) corporate E-mail address in whois

Can anyone please explain this tip in some more details?

Free addresses like yahoo may expire especially when they are not used often.
Worse, the handle could even be claimed by someone else.
Your domain names are only as secure as the admin E-mail address.

 

[Sufyan]

You mean I should have an email address at my own domain / hosting. Like [email protected] where mydomain.com is hosted at myhost and can be access with their webmail or configured with my email program such as Outlook?

 

[seamaster]

use a mac

 

[Traveler]

The obvious is lock your domain names. As far as passwords, don't use a dictionary term. Also don't only use alpha-numeric, that means don't use just numbers or letters. Use special keys such as "#" or "$" in your password.

When I was working for a government agency, we had a guy who's only job was to crack our passwords. The easiest thing for him was when someone left their password on their desk, maybe a sticky on their monitor or bottom of their keyboard. He also used "brute force" to try and crack passwords. The ones he could not crack had a few "special characters" in them. So, use your shift key and put those "special characters" into your passwords.