By now some of you have probably heard about the story of @n and how his twitter handle was stolen by someone using his domain names to extort the twitter handle from him. If you haven’t heard the story you can read it here. While goal of the hacker was to steal a twitter handle it raises some very scary points that highlight just how vunerable domain names and ultimately your business may be.
Before I go into how you can better protect yourself against domain name theft, let’s take a minute to think about just how important it is to protect your domains. The obvious reason of course is, if someone steals your domain, they can redirect your traffic to their own site.
The dangers are greater than that though. The real damage can come from someone hijacking your email from your domain. If someone steals your domain and you have used that domain as your main email, the hacker now has the ability to redirect all your email to them. The initial damage could be caused just by contacting your contacts and pretending to be you to extort money from your contacts. Beyond that they could start requesting password resets for all of your other accounts such as your Paypal or bank account. You could very quickly loss everything.
With this in mind it’s more important than ever to protect yourself and your domains. The good news is domain name registrars have the tools in place to make securing your domains easy.
The first step is to use a good email service as the contact email address on your domain. Don’t use your domain email address for your contact information. Sign up for an email account from a service such as google gmail or yahoo mail. Make sure you turn on 2 step verification for your account. These Identity Theft Protection services are very secure and will add an extra layer of protection in case someone gets access to your domain register account.
Turn on 2 step authentication on your domain name register account. While it may be a minor inconvenience, the added security it gives you is well worth it.
Use password management software such as 1password or lastpass. Use these services to create and store strong unique passwords for every site you have a login for. In today’s world of hackers gaining access to login and password information frequently, it’s more important than ever not to use the same passwords all the time.
While the above steps do add a bit more complexity and friction to your day to day work habits, the added security and long term benefits far outweigh the negatives.