easyDNS provides multiple methods to protect your user account and all of its contents.
These methods currently include:
- Access Recovery and Support (either 3 security answers or ESM [Enhanced Security Mode])
- 2-Factor Authentication
- Access Control List
- Failed Login Attempts
- Country-Based Login Restrictions
- Activity Notifications
To access the security settings, please do the following:
1. Log into your easyDNS account.
2. Click on SECURITY.
You should now see the following listed:
Access Recovery and Support
This feature allows you to customize your account security by either using our standard ‘Secret Questions and Answers’ or our ‘Enhanced Security Mode.
Please note that under the ‘Enhanced Security Mode’ the 12 words are randomly picked for you. Before continuing, you must print or save them and keep them in a safe place because you will require them to get access to your account should you ever lose your password. Make sure you preserve the order in which the words are listed.
The phone access code, combined with another piece of information (such as a domain name or your user name), will permit easyDNS to confirm some of the account holder information.
2-Factor Authentication
This feature requires that the user log in twice with the second login being an ‘authentication token’ that gets delivered to you either via Google Authenticator, SMS, or email. This is especially useful for users who like to use traditionally weak passwords.
You can get Google Authenticator for Android HERE.
You can get Google Authenticator for iOS HERE.
Please note that if you get locked out of your easyDNS account due to the 2nd Factor being lost, compromised, or unavailable, then the only way to get access is by contacting our support staff and providing the answers to your security questions.
Access Control List
It is possible to limit logins to your easyDNS account so that logins will only be accepted from network locations specified by you. This vastly improves security in the case where your account username and password are compromised, a third party may not be able to log into your account and assume control of your domains if you have an Access Control List specified limiting logins.
Improperly formed Access Control Lists can result in locking yourself out of your easyDNS account. You should always test your ACLs using the TEST WITH CURRENT IP ADDRESS utility before committing them. If you are not sure how to proceed or do not fully understand the scope of this tutorial, you should contact support before enabling an ACL.
Remember, ACLs do not replace other security considerations, they enhance them. It is still your responsibility to secure your username and password as well as to select secure answers to your secret questions.
Failed Login Attempts
If you suspect any sort of unauthorized login attempts, you can get further information by checking out this section.
Country-Based Login Restrictions
Login restrictions provide an additional layer of security for users by limiting which countries (as reported by GeoIP) a login request can originate from. Login restrictions will prevent access from any country not provided in the list below. This follows the filtering already available in your account’s ACL restrictions.
Geolocation is the identification of the real-world geographic location of an Internet-connected device (computer, phone, etc.). IP address geolocation data can include information such as country, region, latitude, longitude, and a variety of other data. easyDNS uses this technology to determine the originating country of the IP address attempting to log into the account and restrict access based on your configuration.
For a complete list of country codes you may restrict access to, please visit the IANA Root Zone Database HERE.
Activity Notifications
This section allows for notification customization. You can get notified if:
- Someone makes a successful login
- Too many attempts to log in (unsuccessfully)
- A domain within your account gets unlocked for transfer
- Updates are made to the ownership information of a domain name
- The nameserver for a domain is changed to another provider
- Any updates to the DNS settings of a domain are made
This section also allows you to choose between email or SMS as the delivery method of the notification(s).
Account Password
The password can only contain upper and lower case Latin unaccented alphabet letters, numbers, and the following special characters: – _ ! @ # $ % ^ & *
Passwords have a limited range of 8 to 128 characters.
Account Username
The username can only contain lowercase, unaccented letters, numbers, periods, underscores, and the “@” sign. Usernames cannot be modified once created.