It is dangerous to reuse passwords on different websites. Domain investors who do this can risk their reputation and/or domain names if one website is hacked or if password information is somehow leaked.
The Chief Technology Officer at NamePros issued a warning to domain investors today because of “an increase in credential stuffing attacks targeting domain investors.” Paul offers some good examples of how this can happen, and he also shared some advice on how to prevent it from happening to you.
Importantly, this is not limited to NamePros. Domain investors – and Internet users in general – are susceptible to this if they share passwords for various website logins.
My recommendation is to use different passwords and usernames on different websites. Using a password manager is a good way to keep track of passwords and logins on different websites. In addition, domain investors should enable 2 factor authentication at websites that offer it, particularly domain registrars. Investors who have valuable domain names would be wise to inquire about enhanced security offerings at their domain registrars.
Absolutely, yes, use different passwords. 2 factor ID is a pain, but probably a necessary evil – especially if one is using a password manager. I don’t. I won’t because I have never been convinced that having all your keys in one place is a good idea.
“Using a password manager is a good way to keep track of passwords and logins on different websites.”
Pffft. If a secure website can be hacked to get one password (of YOURS, but thousands of others’), then your password manager can be hacked to get all of them.
Trust NOTHING on a computer or the internet. EVERYTHING IS HACKABLE, BY DESIGN. (eg: research Operation Talpiot.) Unique passwords stored with pen and paper in a safe is secure, nothing else. Ditto for any sensitive business or design information.
Yup. Old school pen and paper only (plus 2-factor) for me.