Understanding Domain Name Security

Posted on Mar 14 2014 - 9:31am by Aubrey Moulton


Internet growth over the last several years has been exciting for many, bringing with it the rise of e-commerce and a new way for individuals to communicate and market themselves. With this new landscape, however, there has also been a growing need for awareness of domain name security. When an entity has had their domain name compromised, the damage can be devastating. The loss of customers, property, profits and reputation can be difficult for companies and individuals to overcome. Understanding the potential threats can help all registered domain holders to avoid those traumatic circumstances.

Some of the major threats include:

  • Hacking of the Registrar Account
  • Hacking of an Account Contact’s Email
  • Falling Victim to Phishing
  • Lack of Understanding of Security Tools and Their Necessity

Keeping the Registrar Account Safe

It is vital for the account login with a registrar to be kept safe. A strong password should be chosen and remain completely private. A good password will include at least one number and a mix of upper and lower case letters. It is wise to avoid creating passwords that form words or names, as hackers have programs that can crack passwords based on those types of patterns.

When a hacker cracks a password and gets into the registration record for a domain name, that person can redirect traffic to their own servers instead of those operated by the registered domain holder. The criminals are then in a position to steal information from unsuspecting site visitors. That can be as devastating for those parties as it is for the site owners.

Keep Contact Information Secure

Private registration services can also be beneficial in domain name security. If email addresses are listed publicly, they are certainly a temptation for hackers. If a determined hacker manages to gain access to an email address on file for a domain record, he or she could use that to gain access to the registration details, by having password recovery information sent to the email address.

Using a private registration service from a registrar involves having the contact information kept private, while the registrar provides special contact information for the public record. If someone viewing the public record has a valid reason to contact an individual on a domain record, the correspondence will be forwarded to the person’s email address by the registrar. This keeps the email address of the domain contacts hidden from public view without inhibiting the delivery of legitimate messages to that person.

Avoid Phishing Schemes

Many people are fooled by a piece of correspondence that appears to be from a company such as a registrar but is actually from a criminal enterprise. Domain name registrants must take care when entering login credentials, as it is easy to be led into accidentally providing usernames and passwords to hackers who are impersonating the registrar. To avoid being a victim of this scheme, pay close attention to the exact spelling of the registrar’s website whenever preparing to enter credentials.

Using Registrar Tools and Remaining Aware

A reliable registrar will provide tools that can make it more challenging for criminals to hijack a domain name and cause damage. A domain registration lock, for example, can make it more difficult for criminals to inflict damage. The domain name security options provided by a registrar work in conjunction with the knowledge that domain name registrants can gain by remaining aware of the potential threats.

About the Author

This article was written by Aubrey Phelps, a writer for Fibernet. In her spare time, she goes hiking in Utah and spends time with family.