An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Thursday, July 09, 2015

Please, NEVER Share Your Domain Account!

Along with access to your Blogger dashboard, access to your domain dashboard is a sensitive issue.

The domain dashboard, also known as the "zone editor", provides control of the domain, as the Blogger dashboard provides control of the blog. The EPP Code, which allows domain ownership transfer, is generally retrieved using the zone editor.

And, there are other zone editor features that you, the blog and domain owner, do not want being misused by another person.

We tell blog owners to never give someone else use of your Blogger account - and this same advice is equally essential for your domain account. This is part of your relationship with your registrar - and it is your property, alone.

Someone, who is not you, able to gain access to your domain dashboard, could do any of several things.

  • Change the DNS addresses, to point to their website.
  • Change the email address, for the domain account.
  • Retrieve the EPP code, and transfer ownership of the domain.
  • Change the password, for the domain account.

Change the DNS addresses, to point to their website.

In general, changing the DNS addresses should result in an alert.

You're about to be redirected!

I would not bet on this happening, consistently, though. Depending upon how the destination of a DNS change is routed, it's possible that your readers would first report the problem.

I'm not seeing your blog, just a faceful of ads!

or worse

My ISP just froze my service, claiming I'm spitting out excessive, malicious traffic!

Who knows what a hacker could do, given control of your DNS settings?

Change the email address, for the domain account.

Some registrars provide an easy to use email address change wizard. This could affect your ability to reset the password, and to retrieve and use the EPP code.

Retrieve the EPP code, and transfer ownership of the domain.

Many registrars provide access to the EPP code, to enable convenient and easy transfer of the domain, to another registrar. A hacker, using the EPP code, could transfer ownership of your domain.

Like a blog ownership transfer by a former friend, you probably would not be able to recover control of your former domain.

Change the password, for the domain account.

If someone changed the password on the domain account, you would be unable to login. If he also changed the email address, you would be unable to recover control, and he would have control of the domain.

Use common sense - do not share your domain account.

I suspect that you would appreciate none of these events, were this to happen to your domain. That should give you reason to never share your domain account.

Dude, hit me with a comment!

Anne Bennett said...

Timely advice. I just about let someone have my domain information to make a few changes to my html that I felt insecure doing myself. Decided it wasn't worth the hassle and didn't do it. Phew. Dodged that bullet.