10 tips for improving domain name security
Why is domain name security so important? For many ventures, your domain name is your online business identity. And with the rise in cybercrime cases such as domain name hijacking, it’s never been more critical to keep your domain name safe.
By following a few tips and implementing domain name security best practices, you’ll reduce the chances of losing your domain name. In this post, we’ll share why your domain name security matters as well as tips and tools to help you protect your domain name.
Why domain name security matters
Imagine for a moment a typical day in your business. You’re going about your daily tasks when suddenly you get a message from a long-time customer that they cannot seem to access your website. Instead of your usual homepage, they’re seeing a ton of unrelated ads.
You rush to check your website and then log in to your domain and hosting provider to find your worst fears have come to life. You no longer own your domain. It’s expired and someone else registered it in the meantime.
Hours of long and hard work have vanished. Your content, all your blog posts, videos, SEO and more — everything is gone. You’re clearly losing out on sales and audience growth, but what’s worse, your brand reputation could be tarnished.
Or take this domain name security nightmare: A bad actor gains access to your account through publicly available WHOIS information, hijacks the domain, and points it to another website. They might even gain access to your emails and transfer the domain to their name. You could be looking at a long and drawn-out legal battle to get your domain name back.
Obviously, neither of the two scenarios is something any business owner wants. The good news is that they can be avoided. All it takes is implementing some domain name security best practices.
10 tips to help improve domain name security
If you want to make sure that your domain name is secure, follow the steps below.
- Use a reputable registrar.
- Enable registrar lock.
- Choose a strong password.
- Enable two-factor authentication.
- Use an SSL certificate.
- Enable privacy protection.
- Renew your domain regularly.
- Keep your contact details with the registrar up to date.
- Beware of phishing emails.
- Keep your domain registration information safe.
Read on to protect one of your business’ most valuable assets.
1. Use a reputable registrar
If you do a quick Google search for a domain name registrar, you’ll see millions of results. Even ICANN (the nonprofit organization responsible for coordinating the management of the technical side of domain registrations) has hundreds of domain name registrars listed on their website.
Opt for a domain registrar, like GoDaddy, that has a good reputation, takes security seriously and has tools in place that facilitate domain name security.
2. Enable registrar lock
When you register your domain name, most registrars, including GoDaddy, will automatically lock it. This prevents unauthorized changes, including transfer to another registrar.
ICANN regulations state that when a transfer request has been filed, the registrar has five working days to respond. If there is no response, the transfer request will automatically be approved. In other words, if someone other than you requests that the domain name be transferred to another registrar, the transfer will be automatically approved without a domain lock in place.
However, certain changes to your domain name settings might require you to unlock your domain. If that’s the case, be sure to lock it immediately after you’re done.
3. Choose a strong password
A strong, unique password is a necessity for all your online accounts. This includes not only your domain registrar’s account but also the email account associated with your domain registration contact information.
But what makes a strong password? A strong password usually contains eight to 12 characters, consisting of both uppercase and lowercase letters, numbers and symbols. The downside to a strong, unique password is that it’s not always easy to remember.
Look into a password manager like LastPass, 1Password or Dashlane. Password managers keep all your passwords safe so you don’t have to remember them. Instead, you just need to remember a single master password that unlocks your password manager vault.
Password managers can also generate secure passwords for you so you don’t have to remember everything that goes into creating a strong password.
4. Enable two-factor authentication (2FA)
In addition to having a strong password, it’s a good idea to set up two-factor authentication for your most important online accounts. With two-factor authentication, you’ll have to enter your password and use an additional method of verifying your identity.
This can include:
- A text message with a code sent to your phone
- An email with a special authorization code
- A code generated by a third-party app such as Google Authenticator, Authy, or similar
Once you set up two-factor authentication for your domain registrar’s account, even if someone gains access to your email, they won’t be able to log in without entering that special authorization code.
5. Use an SSL certificate
An SSL certificate enables websites to use the secure HTTPS protocol. An SSL certificate is nothing more than a data file that’s hosted on a website’s origin server.
It contains information such as:
- The domain name for which the certificate was issued
- The person or organization that the certificate was issued to
- Who issued the certificate
- Issue and expiration date of the certificate
- Public key, which is a long string of characters used to decrypt and encrypt data passed between your website’s server and incoming traffic
In short, this information ensures that your visitors’ sensitive information is encrypted so it doesn’t fall into the wrong hands. It also prevents hackers from creating a fake version of your website, and it verifies the ownership of the website.
Most domain registrars have the option to purchase an SSL certificate directly from them — making domain name security easier to manage.
6. Enable privacy protection
Many domain registrars will offer automatic privacy protection for your domain. This is also known as WHOIS privacy. By default, as soon as you register a domain name, your contact information is visible online when someone performs a WHOIS search on your domain. They can see your email address, phone number and even your home or business address.
WHOIS privacy masks that information so that it’s not publicly accessible. Some domain registrars offer this for free, while others will charge a small fee on top of the domain registration cost. Regardless, it’s well worth paying a little extra to ensure your information cannot be accessed by anyone online.
Editor’s note: GoDaddy offers basic WHOIS privacy for all domains registered through us at no extra cost to you.
7. Renew your domain regularly
Forgetting to renew your domain name could cause serious damage. For one, you run the risk of a competitor scooping it up. Secondly, a domain squatter could register your domain name and either refuse to sell it back to you or demand an exorbitantly high amount of money for it.
GoDaddy makes it easy to turn on auto-renew in your domain management area.
In addition, consider registering your domain for a longer period of time. For example, instead of one year, opt for two, five, or even 10 years. You’ll save money in the long run and gain immediate peace of mind in terms of domain name security.
8. Keep your contact details with the registrar up to date
Business address or email changes are not uncommon these days. However, be sure to keep your contact information up to date with your domain registrar.
Get into the practice of regularly checking your contact details and updating them whenever they change. This includes keeping your email, phone number and contact address current.
It’s a good idea to always have this information associated with you rather than an employee or contractor (e.g., website designer). That way, if that employee ever leaves, you avoid the risk of losing your domain because you’ve disabled their email address or company phone number.
9. Beware of phishing emails
Unfortunately, phishing emails are prevalent. They could seem completely innocent and as if they’re coming from someone you know or a business you trust. In some cases, they might even appear to come from a government or other official agency.
Sometimes, bad actors use phishing as a tactic to gain access to domain names.
Be wary of any emails that ask you to click suspicious links or want access to your sensitive information. Most reputable companies won’t ask for your SSN, credit card information or similar in an email.
If you’re not sure that the email is legitimate, it’s best to ignore it rather than risk exposing your financial or other sensitive information.
10. Keep your domain registrar information safe
Lastly, keep the information about your domain registrar safe. This includes storing your login email or username and password in a secure location. The aforementioned password manager is a good option.
Don’t share your login information through a text message, email or chat either. Instead, use your password manager to securely share the password with other members on your team. Alternatively, some domain registrars will allow you to invite other users to your account so they can help you manage the more technical aspects.
Tools to help with domain name security
Now that you know how to protect your domain name, let’s talk about a couple of tools that can help you with domain name security.
As mentioned earlier, an SSL certificate is one way to make your domain more secure. GoDaddy offers a variety of SSL certificate plans that can help show your visitors that your website is secure and trustworthy as well as prevent bad actors from creating fake versions of your website.
You can choose between Domain Validation (DV), Organization Validation (OV), and Extended Validation (EV) SSL certificates, based on your business needs.
If you have multiple domains to protect, a multi-domain SAN SSL might be your best option. For a lot of subdomains, you might opt for the Wildcard SSL. Want to hand off your SSL management completely? Consider GoDaddy’s Managed SSL certificates.
In addition to SSL certificates, GoDaddy also offers domain protection. Whenever you register a domain name, you’ll get free basic WHOIS protection that masks your contact information. However, you can also opt for Full or Ultimate Domain Protection.
These two plans offer additional features that protect your domain against hijacking and other threats. They can also help prevent accidental transfers and even hold your domain name for an additional 90 days in the event your payment method expires at renewal.
Final thoughts on domain name security
Your domain name represents your business and your brand online — so make keeping it secure a standard way of doing business. Some steps to improve domain name security include:
- Registering your domain for a longer period
- Turning on auto-renew
- Using a strong password and two-factor authentication for your registrar’s account
- Enabling SSL with GoDaddy’s SSL and enabling registrar lock on your domain
- Using a reputable registrar to register your domain names
By following the tips shared in this article, you’ll be well on your way to making sure that your domain is protected.