Domain Name Security Tips


Domain names can be a company’s most valuable asset, so losing ownership of a domain name for even 15 minutes can hurt a company dearly.

If the DNS is changed, you will likely know quickly because things like email, your website, and so on simply stop working as they did prior. Sometimes this can be related to your domain name expiring, due to an outdated credit card on file for auto-renew and domain renewal emails were missed for an example.

Sometimes you may lose ownership of a domain and not even know it until it’s too late, because thieves know that any changes to DNS will alert the owner. So they make a subtle change of registrant email or gain access from an old expired domain/email that controlled the account. If a thief gains access to your registrar account email, it can go undetected since any notification would be sent to the registrar account email.

What if your domain name was stolen? Think of all the things that your domain name is connected to. It’s normally a big deal. Since domain theft happens, as well as unwanted expiration, there are processes to prevent it and avert a potential disaster:

  1. Never use the same email address for your domain name registrar main account and the data displayed for WHOIS records. Use one email address on a different domain name for your account, a different email address and domain name for information in WHOIS records.
  2. Always use two-factor authentication. Not only for your domain name registrar account but also your email client. For example, you may want to use a Gmail account email for your WHOIS email data and then a domain name you control for your main registrar account. Access to each should require 2FA.
  3. Use WHOIS privacy at your domains registrar. This is a double layer. If a thief can’t even see an email address, there is little they can do besides start guessing or moving on to another target. If you did use the email address in the past, consider this security layer broken because there are services that store WHOIS history data.
  4. Password reset / User ID request. If you get a request from your domain name registrar and you didn't initiate it, ignore it and do not click anything in the email notification. One, it may be a spoofing attempt and secondly, somebody may be trying to access your account and this is a way to prevent it.
  5. Registry Lock. The ultimate defense. Registry Lock is done via your domain name registrar and the registry of your domain name. For example, Verisign is the registry for .com and .net domain names. There is an added cost to this security layer but well worth it for a vital asset. You get extended domain name renewal protection, plus any changes to even DNS require a process with more than one party involved. To note, registry lock is different than the standard registrar lock at a domain name registrar and not all domain registrars offer this upfront.

Domain name security is very important and many options are available to domain name owners, it’s just important that you use them!

Domains can be forgotten because you can renew a domain name for up to 10 years. A lot can change in 10 years, so it’s always good practice to log into your domain name registrar account monthly and just check your account, your email associated with it and the settings in regards to your domains. Verify that your credit card on file is valid and up to date.

Any key asset domain names like your main brand domain and any system-critical domain names should have registry lock on them. Registry lock is the highest protection from unwanted expiry, unwanted DNS changes, and unwanted account changes. Internal theft and external theft should be considered.

Get Inspired: How to Get Ideas for Domain Names

October 10, 2019

Domain name inspiration arrives through a variety of paths. The goal is to build and expand a...

Branding and Domain Names, The Ignition System

August 27, 2019

Building a powerful brand isn't easy. It requires a great first impression, credibility, trust...

Easily Import Email Domain Inquires Directly Into Uniregistry Brokerage

August 13, 2019

One of the nifty features that Uniregistry Brokerage has is forwarding purchase inquiry emails...

How Does Your Main Brand Domain Name Stack Up

August 8, 2019

Today is the day, the day to own the best domain name for your brand. Why does it matter? Who is...

Domain Name Availability: How to Sort Through the Noise

August 6, 2019

Domain Name Availability: How to Sort Through the Noise. A guide to registering great domain...

New Missed Connections: Part II

July 16, 2019

Missed Connections by Jeffrey Gabriel: Ladies and Gentlemen, a couple of weeks ago we released...

Missed Connections! A New Kind of Buy It Now Domain Names

June 17, 2019

Missed Connections is paying homage to my favorite (for comical reasons) section of Craigslist....

Uniregistry Brokerage Boasts Impressive 2016-2018 Sales

June 10, 2019

Uni Brokerage Domain Name Sales Data between 2016-2018.

Uniregistry Announces Domain Liquidity

May 25, 2019

Uniregistry now facilitates the wholesale purchase of high quality domain names. Our process is...

Introducing the Uni Blog

May 15, 2019

It is with great pleasure that I announce the launch of the Uni Blog.