Account Security
Table of Contents
- How to create a strong password
- Account sharing
- Authentication
- Forgotten password
- Activity and audit logs
- Further reading
- Have more questions?
Domains are some of the most important assets for any organization, business, or personal project. DNSimple protects your domains and account data, and there are steps you can take to further secure your account.
Warning
If you have noticed fraudulent activity or suspect someone has taken over your account, contact support@dnsimple.com.
How to create a strong password
- Create a unique password that includes letters, numbers, and punctuation. You can also use special characters (for example
!@#$%^&*), multiple words, or a passphrase. Do not reuse passwords from other services. - Use a password of 16 characters or more. Longer passwords are harder to compromise.
- Never share your password with anyone. DNSimple support will never ask for your password for any reason.
- We strongly recommend using a password manager like 1Password to create and store unique passwords for every service you use.
Account sharing
- Do not share your account login with others.
- If you are on the Teams or Enterprise plan, you can add seats to your account and use Domain Access Control to give other users access to your domains with fine-tuned permissions.
- Only add authorized contacts to your account.
Authentication
- We strongly recommend enabling multi-factor authentication (MFA) for an extra layer of security. MFA is available free for every subscription.
- Enforce MFA for every team member managing domains on your account.
- Download and secure your recovery codes.
- Users who do not enable MFA are required to change their password every three months to maintain security. The new password cannot match any of the last five passwords used. When a reset is due, DNSimple shows a Password reset required page on your next login. Click the button to send reset instructions to your user email. You will be signed out automatically and will not be able to log back in until you have set a new password using the link in that email.
Forgotten password
See Forgot Password to request a password reset.
Activity and audit logs
Review Activity Tracking to see who changed DNS records, account settings, or permissions and when those changes occurred.
Further reading
You will find more information and resources for securing your domains on our security page. You can also view our security policies for more on how we handle specific issues.
Have more questions?
If you have any questions or want to know more about how to make your account as secure as possible, contact our support team, and we’ll get you the information you need.