Account Security Best Practices

Overview

Your hosting account contains sensitive information — from domain configurations to billing details. Securing your account protects your websites, email, and other services from unauthorized access. Follow these best practices to keep your 10Corp account safe.

Use a Strong, Unique Password

• Create a password with at least 12 characters including uppercase and lowercase letters, numbers, and symbols.
• Never reuse passwords across different websites or services.
• Use a reputable password manager (such as Bitwarden, 1Password, or KeePass) to generate and store complex passwords.
• Change your password immediately if you suspect it has been compromised. See Changing Your Account Password.

Enable Two-Factor Authentication (2FA)

Two-factor authentication adds a critical second layer of security. Even if someone obtains your password, they cannot access your account without the second factor.

• Set up an authenticator app like Google Authenticator or Authy.
• Generate and store backup codes in a secure location.
• Add a backup phone number for SMS recovery.

Secure Your Email Account

Your email is the gateway to account recovery. If someone compromises your email, they can reset your hosting account password.

• Enable 2FA on your email account as well.
• Use a strong, unique password for your email.
• Be cautious of phishing emails that attempt to steal your credentials.

Monitor Account Activity

• Regularly review your account activity log for any suspicious actions.
• Set up login alerts to be notified of new sign-ins.
• Check for unauthorized changes to DNS records, nameservers, or contact information.

Additional Recommendations

• Keep your contact information current so you can receive security notifications.
• Review sub account access regularly and remove users who no longer need access.
• Be wary of social engineering — 10Corp will never ask for your password via email or phone.
• Use a secure connection — always access your account over HTTPS and avoid public Wi-Fi for account management.
• Lock your domains with registrar lock (clientTransferProhibited) to prevent unauthorized transfers.

Related Articles

• Enabling Two-Factor Authentication
• Changing Your Account Password
• Setting Up Login Alerts
• Understanding Account Activity Log