Posted on Leave a comment

How To Protect Your Domain Name From Hackers: A Comprehensive Domain Security Guide

In the digital age, your domain name is a critical asset to your online presence, whether for personal branding, business, or any other purpose. However, hackers can target your domain name and hijack it, potentially causing irreparable damage. In this article, we will explain how to protect your domain name from hackers, provide insights on domain name hijacking, and offer practical strategies to secure your online identity.

What Is A Domain Name?

Before diving into the specifics of how to protect your domain name, it’s essential to understand what a domain name is. A domain name is the unique address that identifies a website on the internet. It serves as a human-readable identifier for an IP address, making it easier for users to access websites. Think of it as the “street address” of a website.

For example, in the domain name “example.com,” “example” is the unique part of the domain, while “.com” is the top-level domain (TLD) that specifies the type of website.

What Is Domain Name Hijacking?

Domain name hijacking is a malicious activity where a hacker takes control of your domain name by exploiting security vulnerabilities. This can lead to a complete loss of access to your website, emails, and other services associated with the domain. Hackers may either change the domain registrar, alter DNS settings, or steal the domain registration credentials. Domain hijacking can result in significant financial and reputational damage if not prevented or addressed promptly.

Why Is Protecting Your Domain Name So Important?

Your domain name is often the first point of contact for customers, clients, and visitors. Losing control of it can cause a host of problems, from losing traffic to losing credibility and trust. Domain hijacking could also lead to the unauthorized selling of your domain or redirecting visitors to malicious websites, resulting in phishing attacks and data breaches.

In this section, we will look at the various ways hackers target domain names and the potential consequences of not securing your domain properly.

How To Protect Your Domain Name From Hackers

Now that we have a clearer understanding of domain names and the risks of domain name hijacking, it’s time to discuss the best practices to protect your domain name from hackers. Here are several strategies you can implement to safeguard your domain.

1. Use A Strong Password For Your Domain Account

The first line of defense against domain hijacking is ensuring that the password for your domain registrar account is strong and secure. Weak passwords are easy for hackers to guess, especially if they use common combinations or personal information.

To create a strong password, follow these tips:

  • Use a combination of uppercase and lowercase letters, numbers, and special characters.
  • Make the password at least 12-16 characters long.
  • Avoid using obvious words like your name, birthdate, or common terms.
  • Use a password manager to generate and store strong, unique passwords.

2. Enable Two-Factor Authentication (2FA)

Two-factor authentication (2FA) adds an extra layer of security to your domain account. Even if a hacker manages to guess or steal your password, they would still need access to a second form of verification (like a code sent to your phone) to gain access to your account.

Make sure to enable 2FA wherever possible. Most reputable domain registrars offer this feature as part of their account security options.

3. Lock Your Domain Name

Many domain registrars provide the option to lock your domain name, which prevents unauthorized transfers. When your domain is locked, it cannot be transferred to another registrar without your explicit approval.

This feature is crucial because it adds an extra layer of protection by ensuring that no one can easily hijack your domain and move it to a different registrar without your knowledge.

4. Choose A Reliable Domain Registrar

Your domain registrar plays a crucial role in protecting your domain name. It is essential to choose a reputable and trustworthy registrar with strong security features and a track record of reliable service. Look for registrars that offer additional security features, such as domain locking, 2FA, and SSL encryption.

Before selecting a registrar, research customer reviews, check for security certifications, and ensure they have a solid reputation in the industry.

5. Keep Your Domain Registration Information Up To Date

Always keep your contact information and domain registration details up to date. If hackers can gain access to your email or phone number associated with the domain, they could easily bypass security checks or reset your account password.

Make sure that the email address and phone number linked to your domain are active and secure. If you change your email or phone number, be sure to update it with your registrar immediately.

6. Use WHOIS Privacy Protection

WHOIS privacy protection (also known as domain privacy) allows you to keep your personal information private when someone performs a WHOIS lookup on your domain. Without privacy protection, your contact information, including your name, address, phone number, and email, is publicly visible, making it easier for hackers to gather details and attempt social engineering attacks.

Enabling WHOIS privacy protection is a simple way to keep your personal information safe and reduce the risk of your domain name being targeted.

7. Monitor Your Domain Name Regularly

To stay on top of potential threats, it’s important to monitor your domain name regularly. Many domain registrars offer tools that alert you to any changes made to your domain’s settings, such as DNS changes or account access attempts.

Set up notifications so that you are immediately alerted to any suspicious activity. Regular monitoring can help you detect unauthorized changes and respond quickly.

8. Avoid Phishing Scams

Phishing scams are one of the most common ways hackers attempt to steal domain login credentials. These scams typically involve fraudulent emails that appear to come from your domain registrar or other trusted sources.

To protect yourself from phishing scams:

  • Always double-check the sender’s email address to ensure it’s legitimate.
  • Don’t click on links or download attachments from unknown sources.
  • Contact your registrar directly through their official website or customer support channels if you receive a suspicious email.

9. Back Up Your Website and Domain Data

In case something goes wrong, always have a backup of your website and domain data. Regular backups ensure that even if your domain is compromised, you can quickly restore your website and minimize downtime.

Many hosting providers and domain registrars offer automated backup solutions. Consider using these services to make regular backups of your website, DNS settings, and domain registration details.

10. Keep Your Software and Security Systems Updated

Always keep your website’s software, plugins, and security systems up to date. This includes updating your content management system (CMS), security certificates, and any other tools or scripts you use to run your website.

Outdated software can have security vulnerabilities that hackers can exploit. Regularly updating your software and security patches ensures that your website and domain are protected against new threats.

Conclusion

Protecting your domain name from hackers is crucial for maintaining the security and integrity of your online presence. By following the tips outlined above, such as using strong passwords, enabling 2FA, and regularly monitoring your domain, you can significantly reduce the risk of domain hijacking and other security threats.

Remember that your domain name is an essential asset, and taking proactive steps to secure it will help ensure that your online identity remains safe from hackers.

Frequently Asked Questions

1. How Do I Protect My Domain Name From Hackers?

Protecting your domain name from hackers is critical to ensuring the security of your online identity. The first step is to use strong, unique passwords for your domain registrar account. Avoid using easy-to-guess passwords, and consider using a password manager to generate and store them securely. Additionally, enabling two-factor authentication (2FA) on your registrar account adds an extra layer of security, requiring a second form of verification (like a phone number) to log in.

Next, you should lock your domain. Domain locking prevents unauthorized transfers of your domain to another registrar, providing protection from hijackers trying to take over your domain. Make sure your contact information is updated in your domain registration account, especially your email and phone number, to avoid losing control of your domain if a password reset is needed.

Using WHOIS privacy protection also helps keep your personal details hidden from the public, reducing the risk of social engineering attacks. Lastly, monitor your domain regularly for any suspicious activity, and set up alerts with your registrar to notify you of any unauthorized changes. By following these practices, you can significantly reduce the risk of hackers gaining control of your domain.


2. What Are The Best Methods To Protect My Domain Name From Hackers?

The best methods to protect your domain name from hackers involve a multi-layered security approach. First, start by choosing a reputable domain registrar with strong security features. Look for registrars offering domain locking, two-factor authentication (2FA), and enhanced DNS protection.

Secondly, always use complex passwords that combine letters, numbers, and special characters. This makes it harder for hackers to guess or brute-force access to your account. Regularly change your password and avoid reusing it across different platforms.

In addition, enable two-factor authentication (2FA) for your domain registrar account. This extra security step requires a code sent to your phone or email, ensuring that even if someone steals your password, they can’t log in without the second form of verification.

Another critical method is to lock your domain. When your domain is locked, it cannot be transferred without your explicit permission. You should also activate WHOIS privacy protection to hide your personal details from public view, which reduces the risk of hackers using that information for social engineering attacks.

Finally, regularly monitor your domain for suspicious activity. Set up alerts with your registrar so that any unauthorized changes to your domain settings or account will trigger notifications, enabling you to take action immediately.


3. How Can I Secure My Domain Name Against Potential Hackers?

Securing your domain name involves proactive measures to prevent unauthorized access and domain hijacking. Start by using a strong, unique password for your registrar account, incorporating a mix of numbers, letters, and special characters. A password manager can help store and generate complex passwords securely.

Another vital step is enabling two-factor authentication (2FA) on your domain registrar account. This provides an additional security layer by requiring a second verification step, such as a code sent to your phone, which helps prevent unauthorized logins even if your password is compromised.

Locking your domain is another essential method. Many registrars offer domain locking, which ensures that your domain cannot be transferred to another registrar without your approval. This makes it significantly harder for hackers to hijack your domain.

WHOIS privacy protection is also crucial. When enabled, it hides your personal contact details from the public WHOIS database, reducing the chances of hackers using that information to target you. Additionally, keep your registrar contact information up-to-date, especially your email address and phone number, to avoid losing access to your account.

Finally, regularly monitor your domain settings and DNS records. Set up notifications to alert you of any changes, so you can respond quickly to any suspicious activity.


4. What Steps Can I Take To Safeguard My Domain Name From Hackers?

To safeguard your domain name, start with securing your registrar account. Use a strong password that includes a combination of uppercase and lowercase letters, numbers, and symbols. This makes it much harder for hackers to guess or crack your password. Additionally, enable two-factor authentication (2FA), which adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone.

Next, lock your domain with your registrar. Domain locking prevents unauthorized transfers of your domain name. Without this feature, hackers could easily transfer your domain to a different registrar, locking you out of your account. Make sure to enable this feature if it’s available.

You should also enable WHOIS privacy protection. This feature hides your personal contact information, like your email address and phone number, from public WHOIS records. It reduces the risk of hackers targeting you through social engineering tactics.

Another critical safeguard is regularly monitoring your domain account for suspicious activity. Set up alerts to notify you of changes to your domain settings, such as DNS modifications or changes in your contact details. Staying proactive ensures you can respond quickly to any unauthorized activity.

Finally, make sure your contact information is up-to-date, so you don’t lose access to your domain if you need to reset your password.


5. How Do I Prevent Domain Hijacking And Protect My Domain Name?

Domain hijacking occurs when an unauthorized individual gains control of your domain, often by exploiting weak security measures. To prevent domain hijacking, start by using a strong password and enabling two-factor authentication (2FA) on your domain registrar account. This ensures that even if your password is compromised, a hacker cannot access your account without the second verification method.

Domain locking is another crucial protection. This feature prevents your domain from being transferred without your explicit approval, adding an extra layer of security against unauthorized transfers.

WHOIS privacy protection is also essential. This feature hides your personal information from the public WHOIS database, making it harder for hackers to obtain details that could be used for social engineering attacks. Keep your contact information, including email and phone numbers, up to date to avoid losing access to your domain.

Regularly monitor your domain account for any suspicious activity. Set up alerts that notify you when any changes are made to your domain, such as DNS modifications or account access attempts. This proactive approach allows you to take immediate action if needed.

Lastly, consider using a reputable domain registrar with a strong track record of security and customer support, as this can significantly reduce the risk of domain hijacking.


6. Is It Possible To Protect My Domain Name From Hackers Without Using 2FA?

While two-factor authentication (2FA) is one of the most effective ways to secure your domain name, there are still other ways to protect your domain from hackers. However, it is highly recommended to use 2FA in combination with other security practices for maximum protection.

If you choose not to use 2FA, you must rely more heavily on strong password management. Use a password manager to generate and store unique, complex passwords for your registrar account. Avoid using easily guessed passwords, such as your name or birthdate, and consider making your password long and random.

Another critical security measure is locking your domain. Domain locking prevents unauthorized transfers of your domain name, making it harder for hackers to take control of your domain. Additionally, enabling WHOIS privacy protection hides your personal contact details from public databases, making it more difficult for hackers to target you.

Regularly monitor your domain for any unusual activity. Set up alerts with your registrar to notify you of any changes, such as DNS updates or account access attempts. These steps can provide protection even without 2FA, but it’s essential to recognize that 2FA offers a significant additional layer of security.


7. What Are The Risks If I Don’t Protect My Domain Name From Hackers?

If you neglect to protect your domain name from hackers, you risk losing control of your website and online identity. A hacker could hijack your domain and use it to redirect traffic to a malicious site, steal sensitive data, or cause reputational damage.

Additionally, if your domain name is hijacked, it can be transferred to another registrar without your consent, locking you out of your account. This can be a costly and time-consuming process to resolve. In some cases, your domain could be held for ransom by cybercriminals who demand payment to return it to you.

Without adequate protection, you also open yourself up to phishing attacks. Hackers may impersonate your domain’s registration provider, tricking you into providing sensitive information or credentials that they can use to gain access to your account.

Moreover, failure to secure your domain could lead to potential downtime, especially if your website is hijacked or redirected. This can affect your business operations, customer trust, and SEO rankings. For these reasons, it is crucial to implement proactive security measures to protect your domain name from hackers.


8. How Do I Know If My Domain Name Has Been Hacked?

To know if your domain name has been hacked, first monitor your domain registrar account for any unusual activity. Check for changes to your account information, such as email address, contact details, or DNS settings. If these details have been altered without your consent, your domain may have been compromised.

One clear sign that your domain has been hijacked is if your website is no longer accessible, or if visitors are being redirected to a different site. If your domain is transferred to a different registrar without your approval, it could also be a sign of a hack.

Another indicator is receiving unsolicited emails from your domain registrar about changes you did not initiate, such as password resets or account access notifications. These may be attempts by hackers to gain further control of your domain.

To detect domain hijacking early, enable alerts with your domain registrar to notify you of any changes made to your account. Also, check your WHOIS records to ensure that your contact information has not been altered without your permission.


9. What Security Features Should I Look For In A Domain Registrar To Protect My Domain Name From Hackers?

When selecting a domain registrar, look for security features that provide robust protection for your domain name. One key feature is domain locking, which prevents unauthorized transfers of your domain without your explicit approval. This can be crucial in preventing hijackers from taking control of your domain.

Another important feature is two-factor authentication (2FA), which adds an extra layer of security by requiring a second form of verification (such as a phone number) to access your account. This makes it much harder for hackers to gain access, even if they know your password.

WHOIS privacy protection is also an essential security feature to consider. This service hides your personal contact information from public WHOIS records, making it harder for hackers to target you with social engineering attacks.

Additionally, choose a registrar that offers monitoring and alerting services. This will notify you if there are any changes made to your domain or account settings, helping you detect and respond to potential threats promptly.

Lastly, ensure that your registrar has a solid reputation for security and customer support. Read reviews and check for certifications that indicate the registrar’s commitment to protecting your data.


10. How Can I Use Strong Passwords To Protect My Domain Name From Hackers?

Using strong passwords is one of the most effective ways to protect your domain name from hackers. A strong password should be long, unique, and difficult for hackers to guess. Avoid using common words, such as your name or birthdate, and incorporate a mix of uppercase and lowercase letters, numbers, and special characters.

To create a strong password, follow these tips:

  1. Aim for a password that is at least 12-16 characters long.
  2. Use random combinations of letters, numbers, and symbols rather than predictable patterns.
  3. Avoid reusing passwords across different accounts, especially for sensitive services like your domain registrar.

A password manager can help you generate and store complex passwords securely. These tools also allow you to use unique passwords for every account, reducing the risk of a security breach if one of your accounts is compromised.

It’s also a good practice to change your password regularly, especially if you suspect any security threats. Combine strong passwords with other security measures, such as two-factor authentication (2FA) and domain locking, to provide the best protection for your domain name.


11. Does Enabling Two-Factor Authentication Protect My Domain Name From Hackers?

Yes, enabling two-factor authentication (2FA) is one of the best ways to protect your domain name from hackers. 2FA adds an extra layer of security to your registrar account by requiring you to provide two forms of identification before you can log in. Typically, this involves entering a code sent to your mobile phone or email, in addition to your password.

Even if a hacker manages to steal your password, they cannot access your account without the second factor of verification. This makes it significantly more difficult for hackers to gain control of your domain name.

2FA is available with most reputable domain registrars, and it’s highly recommended to enable it as soon as possible. In addition to using 2FA, you should also use strong, unique passwords for your registrar account, lock your domain, and monitor your domain settings for any suspicious activity.

By enabling 2FA, you drastically reduce the chances of a successful attack on your domain name, as hackers would need both your password and access to your second verification method to gain control.


12. What Is Domain Locking, And How Does It Help Protect My Domain Name From Hackers?

Domain locking is a security feature offered by most domain registrars that prevents unauthorized transfers of your domain name. When a domain is locked, it cannot be transferred to another registrar without your explicit consent. This makes it much harder for hackers to hijack your domain and move it to a different registrar.

When a domain is locked, any attempts to transfer it to another registrar will be blocked until you manually unlock the domain in your registrar account. This ensures that only authorized users can make changes to your domain’s registration details.

To protect your domain name from hackers, always enable domain locking. It adds an additional layer of protection against domain hijacking and ensures that even if your account credentials are compromised, the hacker cannot easily transfer your domain to another registrar.

Keep in mind that while domain locking offers strong protection, it should be used in conjunction with other security measures, such as two-factor authentication (2FA), strong passwords, and WHOIS privacy protection, to provide comprehensive security for your domain name.


13. How Often Should I Change My Password To Protect My Domain Name From Hackers?

Changing your password regularly is a good practice to help protect your domain name from hackers, but the frequency depends on your specific situation. If you suspect that your account may have been compromised or you’ve received suspicious activity alerts, it’s best to change your password immediately.

For general security, it’s recommended to change your password every three to six months. However, if you use a strong, unique password and enable additional protections like two-factor authentication (2FA), you may not need to change it as often.

To create a strong password, use a combination of letters, numbers, and symbols, and avoid using common words or phrases. Consider using a password manager to securely generate and store complex passwords. Also, make sure that your password is unique to your domain registrar account and not reused across other services.

Changing your password regularly, in combination with other security measures like domain locking and WHOIS privacy protection, will help ensure that your domain remains safe from hackers.


14. Can I Protect My Domain Name From Hackers By Using WHOIS Privacy Protection?

Yes, WHOIS privacy protection is an important tool in safeguarding your domain name from hackers. This service hides your personal contact details, such as your email address, phone number, and physical address, from the public WHOIS database. Without privacy protection, hackers can easily access this information and use it for targeted social engineering attacks.

WHOIS privacy protection ensures that only the registrar’s contact details are publicly displayed, making it harder for hackers to find and target you. This is especially important if your personal information is used to initiate account recovery processes or if hackers are trying to perform phishing attacks.

While WHOIS privacy protection won’t stop all forms of hacking, it does reduce the risk of attacks based on personal information. Combine WHOIS privacy with other security measures like strong passwords, two-factor authentication (2FA), and domain locking for more comprehensive protection.


15. How Can I Monitor My Domain Name For Suspicious Activity To Protect It From Hackers?

Regularly monitoring your domain is essential for detecting suspicious activity early and protecting your domain name from hackers. Most domain registrars offer monitoring services that alert you to changes made to your domain account, such as DNS updates, account logins, or email address changes.

To get the most out of these monitoring services, set up notifications for any changes to your domain settings or account details. This way, if someone attempts to access or modify your domain, you’ll be notified immediately and can take action quickly.

Also, monitor your WHOIS records to ensure that your contact details remain unchanged. If you notice any discrepancies, contact your registrar right away.

By staying proactive and checking for signs of unauthorized access, you can respond swiftly to any potential threats and minimize the damage caused by hackers.


16. What Are The Consequences If I Fail To Protect My Domain Name From Hackers?

If you fail to protect your domain name from hackers, the consequences can be severe. The most immediate risk is domain hijacking, where hackers take control of your domain and potentially transfer it to a different registrar. This could result in losing access to your website, email, and other services associated with your domain.

In some cases, hackers may redirect traffic from your domain to a malicious website, potentially leading to phishing attacks, malware infections, or the theft of personal data from your visitors. This can damage your reputation and result in financial loss.

If your domain is hijacked, you may face difficulties in recovering it, as some cybercriminals may demand a ransom for its return. The process of recovering a hijacked domain can be time-consuming and costly, especially if the hacker has already transferred the domain to another registrar or made changes that lock you out of your account. This could result in significant downtime for your website, which could affect your business operations, customer trust, and search engine rankings.

Additionally, failing to secure your domain can make it easier for hackers to carry out phishing or social engineering attacks. If they gain access to your domain registrar account, they could use it to impersonate you or your business, tricking customers or partners into sharing sensitive information.

In the worst-case scenario, if your domain is compromised and used maliciously, you might face legal consequences or damage to your brand’s reputation. Therefore, it is essential to take the necessary steps to protect your domain name, including using strong passwords, enabling two-factor authentication (2FA), locking your domain, and monitoring it for suspicious activity.


17. How Do I Protect My Domain Name From Hackers When I Have Multiple Domains?

Protecting multiple domains from hackers involves applying the same security best practices to each of your domain accounts. Start by using a reliable domain registrar that offers strong security features, such as two-factor authentication (2FA), domain locking, and WHOIS privacy protection.

If you manage multiple domains, consider consolidating them under one account for easier management and oversight. Ensure that you use a unique and strong password for each registrar account. Avoid reusing passwords across different accounts, especially for domains that are critical to your business or personal identity.

Additionally, set up alerts for each domain to notify you of any changes or suspicious activity. This can include notifications for DNS changes, account login attempts, or changes to your contact details. Having this level of monitoring in place ensures that you can act quickly if a hacker attempts to gain control of one of your domains.

Consider using a domain management service or a centralized dashboard that can help you track and manage the security of all your domains in one place. Regularly review the security settings for each domain and make sure they are all locked and protected with 2FA.

By staying vigilant and implementing these practices, you can secure all your domains from potential hackers.


18. Should I Use A Domain Management Service To Protect My Domain Name From Hackers?

Using a domain management service can be a great way to enhance the security of your domain name, especially if you manage multiple domains. These services provide centralized control over all your domain accounts, allowing you to monitor and manage security settings more efficiently.

Domain management services often include features like multi-factor authentication (MFA), alert notifications for suspicious activity, and bulk domain management tools. This can help you track changes and ensure that all your domains are locked, have updated contact information, and are protected by WHOIS privacy.

Many domain management services also offer enhanced security features, such as DNS security extensions (DNSSEC), which adds an additional layer of protection to your domain’s DNS records. These services often provide you with tools to quickly respond to unauthorized changes, helping you maintain control over your domains and prevent potential hijacking attempts.

Furthermore, some domain management services offer 24/7 customer support, which can be helpful if you encounter any security issues or need assistance in securing your domains. Overall, using a domain management service can streamline the process of securing and protecting your domains, especially for businesses with multiple domains to manage.

However, it’s important to combine these services with other security practices, such as strong passwords, 2FA, and regular monitoring, to ensure your domain names are fully protected.


19. What Are The Signs That My Domain Name Has Been Targeted By Hackers?

There are several signs that your domain name may have been targeted by hackers. One of the most common indicators is if you receive unexpected notifications or emails from your domain registrar about changes that you did not initiate. These could include password reset requests, changes to your contact information, or domain transfer requests. If you don’t recognize or approve these actions, they could be signs of a hack.

Another sign is if your website suddenly goes down or becomes inaccessible. If your domain has been hijacked, hackers could redirect your website’s traffic to a malicious site or take it offline entirely. Similarly, if your domain’s DNS settings are changed without your consent, visitors may be unable to reach your website.

You should also watch for unexpected charges or changes to your account. If your domain is transferred to a different registrar without your approval, you may notice changes to your billing or account settings. This can be a clear sign that a hacker has gained access to your account.

To stay ahead of potential threats, regularly monitor your domain’s WHOIS records, as well as your registrar account for any suspicious activity. If you notice any of these warning signs, contact your registrar immediately to take action and regain control of your domain.


20. How Can I Avoid Phishing Scams That Could Lead To My Domain Name Being Hacked?

Phishing scams are one of the most common ways hackers attempt to gain access to your domain name. These scams typically involve tricking you into revealing sensitive information, such as your login credentials, through deceptive emails or fake websites. To avoid phishing scams and protect your domain name, follow these best practices:

First, be cautious of unsolicited emails that ask for personal information or account details. Legitimate organizations, including domain registrars, will not request sensitive information via email. Verify the sender’s email address and be wary of any emails that contain suspicious links or attachments.

Second, always double-check URLs before clicking any links in emails. Phishing emails often contain fake URLs that resemble the legitimate website but have slight variations, such as misspelled domain names or added characters. Type the website address directly into your browser instead of clicking on email links to ensure you are visiting the official site.

Additionally, enable two-factor authentication (2FA) on your registrar account, which adds an extra layer of protection against unauthorized logins, even if your credentials are stolen through phishing.

Finally, educate yourself and your team members about phishing tactics and encourage safe online practices. Regularly update your passwords and use strong, unique passwords for your registrar accounts to further minimize the risk of being targeted by hackers.

FURTHER READING

A Link To A Related External Article:

How To Protect Yourself From Domain Hijacking / Theft

Leave a Reply

Your email address will not be published. Required fields are marked *