When it comes down to securing your domain names, one method is not enough.
Domain theft is rampant, and the current structure of the reclaiming process puts the onus on the victim.
In other words, it’s best not to have to deal with a domain theft incident to begin with.
Two factor authentication is the bare minimum extended feature, along with passwords of specific composition and other added security layers by the Registrar.
One of these extra layers, is implemented by 101Domain, a domain registrar that is particularly popular for ccTLD and gTLD registrations and pre-registrations.
101Domain adds an IP restriction to the number of security options.
If you access your account from a static IP address, you can authorize it as the only one that can log into your account, even with the correct credentials – username and password.
You can also define an IP range, using the CIDR netmask method. For example, 10.1.1.0/24 would allow access to the IP range from 10.1.1.0 to 10.1.1.255. You may add a maximum of 5 addresses or networks.
This type of security feature is extremely important.
Many recent cases of domain theft to China would have been blocked, if the losing Registrars implemented such a strong security feature.
The 101Domain approach gives power users the ability to safeguard their domains very effectively.
Dear Theodore,
Greetings from Vancouver!
Really enjoyed your article on domain registrar security: http://acro.net/blog/domain-security-all-registrars-should-implement-this-feature-by-101domain/
I wanted to let you know that we at HEXONET also offer this option.
Hope to meet you sometime at Namescon or event Domainfest.asia
Best regards,
Patrick
—
Patrick McCleery
Sales Manager
North America & Asia/Pacific
T: +1 604 637 5788 ext. 8200 F: +1 604 909 1868 M: +1 604 727 9175
E: patrick@hexonet.net
W: http://www.hexonet.net
Moniker.com has this “extra” security feature for a pair of years and is very annoying when you are not always login from the same locatio. And when you manage the account of a client it’s a true nightmare…
You can easily get a VPN which has range for example of 10.1.1.0/24 or 10.1.0.0/16 and you could consistently always get to an account with an IP restriction. Unless the cybercriminal new what service you were using, there would be no way for them to know to try that specific range. You would also put in other IP ranges such as you local IP range and or another similar /24 /16 network range that you would rely on in case your main VPN was down.