> >

Re: domain name stolen and retrieved the whole story (GoDaddy security mechanism has serious loopholes)

time:17-05-26 forum:Foreign domain name registration and virtual host space service
  Since then, I have realized the importance and seriousness of password security. I started to use the password book to save the password, each local password is different, but as time goes on, there are more and more places to use the password on the Internet. It is impossible to save each of the passwords, and it will be inconvenient to enter each time. So I divide the password into 3 grades, and the primary one is usually temporary. The account, such as the next thing to a forum, found that it had to be landed, and registered an account. This account, even if it was stolen, had no loss to me, but this place may come again in the future, so this kind of account I unified with a relatively simple and easy to remember passwords. The intermediate passwords are used in places where I often go, and even if they are stolen, they don't cause me too much damage, or I can get them back in a tight and easy way, so I set up a more complex code in these places. The highest level of password is a very important place, such as QQ, mailbox, net silver and so on, I each set a different password, the password contains a number and a special symbol of the letters and letters, and often change, but it is very troublesome to enter, and now these types of passwords have more than 50.

2009 in China to combat vulgar website, because of low custom without clear standards, a large number of websites were affected, some websites are even directly locked by domain name registrar, as the domain name is in the country, as long as the Communication Management Bureau next notice to the Registrar, the register will deal with the domain name HOLD, this domain name. It was completely unusable, and it made people panic at a time. For the sake of domain name security, I transferred one of the web domain names to GoDaddy, the largest domain name registrar in the United States. 2010 GoDaddy supports Alipay, payment and renewals are more convenient, so I will not have several domain name around station. Once I tried to modify the registration information of a domain name, GoDaddy immediately sent my mailbox to verify the mail, and asked me to reply to the mail or click the link inside to update the new information to the domain name. If I did not reply and did not click the link, then the modification of the domain name would be invalid, this confirmation The mail is still in my mailbox so far. It was because of this operation that I mistook the GoDaddy security mechanism very well, so I did not pay attention to my account in GoDaddy, I listed the GoDaddy account's password level to the intermediate level, and then put it on the top of the protection mailbox. No one will expect that GoDaddy will cancel this verification mechanism someday.

in view of the previous domain names turned to GoDaddy has been quite safe, and the domestic situation is more volatile, and the frequent rumor is beginning to strike hard, so in 2011, I transferred the main domain name of the sky and human animation network from the new network to the GoDaddy, so there are already 5 domain names in my GoDaddy account.

most of the domain names may be stolen because the domain name registration mailbox is stolen first, and then the domain name is stolen. Therefore, the protection of the mailbox is the most important measure to ensure the security of the domain name. After the first time domain name was stolen, I immediately gave mailbox multiple protection, such as real name authentication, bundling of mobile phone, mailbox change secret notification, receipt of mail message notice and so on, mailbox password I also often change. I think my safety awareness is strong enough. Since 2007, the accounts in my password book have not been stolen once. I did not expect this time to ship in the gutter, this time domain name theft may be caused by many reasons, my own negligence, the hacker's smart, GoDaddy loopholes and various coincidences, now think that this may be destined to have this. At the end of

2011, password was leaked on websites such as CSDN, and my account and password on CSDN were exactly the same as those on GoDaddy. In front of the previous modification operation, GoDaddy was sent to verify the mail, so I only listed the GoDaddy account's password level to the intermediate, and used the same account cipher with the CSDN and other websites. After the CSDN leak burst out, I did not expect to change the GoDaddy account password, on the one hand I thought it should not be stared at me, on the other hand, at that time, I think that even if the hacker entered my GoDaddy account, he wanted to change any information of my domain name through my email verification, I just protect it. Mailbox, and do not return to GoDaddy mail, do not click on any link in the mail, he can not steal my domain name.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15

prev:Anti iframe theft chain detection in HTM... next:Ji'nan's major scenic spots "Baotuan" ac...
post comments
Notice



Approved   He was a high student at Yale, but h...   Eight couples in Ji'nan join hands i...   India actor Amirkhan loses weight vi...   The head of Tsinghua elementary scho...   The latest regulations on maternity ...
rand   The PerdhanaHost host is only $3.5 p...   Netcom's unfriendly part of the GoDa...   Some common host IP segments of Goda...   Godaddy space displays 500 error Int...   Online test site PING value, network...
ads

other

Because all the contents of this site are reproduced from other media, the intention is to provide free services to the public, but it does not mean that this site agrees with its views, and can not be responsible for the authenticity of its verification, such as the copyright unit or individual of the manuscript does not want to publish on this site, please Contact me, I will immediately remove it, thank you. Contact: atseashawk@163.com