Beta

Domaining Companies Breached: Why Changing Passwords Is Not Enough

February 9, 1 Comment

stealing domain namesEarly last year I posted my Top 10 Tips For Keeping Your Domains Safe. Tip #9 covered password protection and recommended that you use a program such as Password Safe and use the random password generator. If you followed that advice, then its likely that you only have to change one password. If you didn’t follow that advice, you could be in a world of trouble.

Over the past week I’ve received far too many notices from parking companies telling me to change my password. At first I thought I had been transported back to 1990 or a scene out of the Matrix whereby someone types in a password and gets access to “the mainframe”. Here is why changing your password isn’t enough.

Identity Theft

Your parking accounts provide valuable information such as your name, address, telephone number, credit cards etc.. While there are legitimate reasons for companies asking you for this information (such as to verify your identity when you sign up), if the information is stolen then it can be combined with other information so that:

  • Loans can be taken out in your name.
  • Credit cards can be obtained in your name.
  • Other identity documents can be issued.
  • Someone else can become you!

Domain Theft

Just when you thought that getting your identity stolen was bad enough, your portfolio is being transferred. I’ve already written about how you can secure your domain names before, so I won’t go into it here – just read the article.

Money Laundering

Change your passwords on your paypal account and bank account. Paypal have a Security Key that costs you $5. It provides extra security on top of your password. It’s not fool proof, but will help deter the dumb crooks. I suggest you use it. The last thing you need is for your paypal account or bank account to be emptied and/or used to transfer large sums of money on behalf of criminals.

Next Steps

1. Use Password Safe and randomly generate a passwords for all your accounts.

2. Change your EMAIL (pop3/IMAP) passwords. These are often used to reset passwords. eg: people click on “Reset my password” or “I’ve forgotten my password” and an email is sent to you. Of course, the crooks know your ISP (from your domain name in your email address)and can probably login your your email via webmail and get that password reset email before you. Didn’t think of that, now did you?

3. Change your server, blog, paypal and any other passwords.

I hope this has given you a few things to think about. Your domains are valuable assets. It’s time to treat them that way.

Add to Twitter Add us to your Facebook


Categories


PositiveSSL


Domaining.com recommends this domain drop site

About Us | Contacts | Sitemap

© 2009. All rights reserved.