-1

Ever since I read this article the other day, I've felt a bit uncomfortable about my domains being stolen. And I've tried taking each measure possible. But one I don't understand completely is TTL.

http://thenextweb.com/socialmedia/2014/01/29/lost-50000-twitter-username/

In addition, I also strongly suggest you to use a longer TTL for the MX record, just in case. It was 1 hour TTL in my case and that’s why I didn’t have enough time to keep receiving emails to the compromised domain after losing the DNS control. If it was a week-long TTL for example, I would have had a greater chance to recover the stolen accounts.

From what I understand, extending TTL on DNS records will ensure my email will continue being received for the time specified, if an unforeseen change occurs.

However, I want to know if extending TTL on records other than MX is wise. And if increasing TTL on an existing record won't interfere with mail delivery and website uptime.

Thank you,

TimePatrol
  • 1

1 Answers1

3

If your domain name is being stolen, I would recommend rather than trying to use some sort of probabilistic approach to security, you do two things:

(1) Register a very dull, boring domain name and use it for email only. Or, use a google or other external address as a secondary email for your contact information, or even as a primary.

(2) Get a strong password storage program and use a different password for each and every account, each and every time, without fail. I recommend 1Password, which works on mobile devices, laptop and desktops, and will sync passwords securely between them. For the price, it's a bargain to never have to remember your password is aksjr242344#!$Rr4s here, and 2312nflk5FDF5935@$@ there.

I would hazard a guess that if your twitter password and your domain hosting password are the same, you are exactly the kind of victim they love to find.

Michael Graff
  • 6,588
  • 1
  • 23
  • 36