Hacker News new | ask | show | jobs
by NicoJuicy 2437 days ago
Custom domains aren't secure though, it's probably the most vulnerable and easiest point of attack
2 comments
wwn_se 2437 days ago
Any decent registrar should force 2fa on request. Also long dns ttl and monitoring!
link
chenster 2437 days ago
What is that?
link
gruez 2437 days ago
Usually social engineering the domain registrar into transferring the domain.
link
anoncake 2437 days ago
So Google's approach to customer support is a security feature?
link
NicoJuicy 2437 days ago
No, using Hotmail or Gmail prevents dns hijacking.

The answer he gave you was correct. The interpretation wasn't

link
anoncake 2436 days ago
No, it prevents social engineering.
link
saalweachter 2437 days ago
This is where Google as a domain registrar really shines. :-P
link
s_y_n_t_a_x 2437 days ago
You can lock it though.
link
kilo_bravo_3 2437 days ago
Mine is. And it's all 2FA'd up. That was a part of the "Take Responsibility for your Own Stuff: For Dummies" guide I followed.

I imagine it would be easier to socially engineer a cellphone store employee and get a SIM to do a SMS-based password reset for a Google/Microsoft/Apple email account than it would be to hijack my domain.

link
minifigone 2437 days ago
Do you have a link to the guide you mentioned?
link
sachdevap 2437 days ago
I'd like to see this guide too, please.
link