The most common kind of domain name lease agreement is where the lessee pays monthly "rent" for the use of a domain name over a period of time, and at the end of this term, either will own the domain name or have a right to "buy it out" with a final payment. The reason that this type of "lease to own" arrangement is the most common, is that leasing a domain name generally allows a lessee to obtain the use of a domain name that it would otherwise be unable to afford.

3. Will the domain name be held by the domain name owner, or be held in escrow by a third party?When a lessee is considering making substantial monthly lease payments for the use and potentially the ownership of a domain name, the lessee will often want some security that the domain name will not be rented, sold, or even lost, to someone else, while he or she is making the lease payments to the domain name owner.

The lessee may therefore request that once the lease agreement is signed, and the first payment is made, that the domain name be transferred to an escrow agent for the duration of the payment term, so that once all payments are complete, the domain name may be transferred to the lessee, who by then has become the owner of the domain name. Alternatively, the lessee might be concerned that through negligence or malfeasance, the domain name owner might terminate the lessee's use of the domain name while it is being paid for by the lessee, and the lessee therefore wants the security of knowing that it is in the hands of a neutral third party.

From the domain name owner's perspective, it is always preferable of course to maintain the ownership and control of the domain name while a lease agreement is pending. Accordingly, this important aspect is often a key part of the domain name lease negotiation, and will often depend on the value and the importance of the domain name to both parties.

4. Are there any restrictions on the lessee's use of the domain name?Once you sell a domain name, you won't really care what the new owner does with it. But just like when you are renting an apartment to someone, you will care what they use it for while they are renting it from you. For example, you won't want the tenant to damage the property, try to sell it from under you, have the police called to late night parties or for illegal activities, or use it as a store when it is supposed to be a residential unit.

The same kind of considerations apply when leasing out a domain name. If you are the domain name owner, you will want to have provisions included in your domain name lease agreement that restrict the kinds of things that the lessee is permitted to use the domain name for. Examples of these kind of restrictions might include not using the domain name for any kind of unlawful purpose, such as spamming or child pornography. Furthermore, a domain name owner may sometimes insist that the lessee disclose exactly what kind of good or service will be provided in association with the domain name, and have the lessee agree to not stray from that agreed use at all.

5. Are there any potential trademark issues?When negotiating and entering into a domain name lease agreement, is is important to determine whether the domain name is being leased "free of any potential trademark issues", or whether it is up to the lessee to satisfy himself that the domain name can be lawfully used without attracting allegations of infringement which can greatly affect the domain name owner as well as the lessee.

Generally, a domain name owner will make it so that it is up to the lessee to be responsible for ensuring that his use of the domain name during the lease term, will not infringe any third party's trademark rights. Nevertheless, the domain name owner will want to keep an eye on this as well, since as long as the domain name is owned by the domain name owner, the domain name owner will need to ensure for itself, that its valuable property is not being risked through trademark infringing activity. Furthermore, if any claim arises, the domain name owner, and the lessee for that matter, will both have an important interest in being notified so as to deal with any such claim. Accordingly, notice provisions and indemnification provisions are key components of any domain name lease agreement.

6. What happens if there is a breach?When negotiating a domain name lease agreement, it is crucial to include provisions that deal with unintended situations, such as when the lessee stops paying the rent, or if the lessee misuses the domain name. Normally there will be a "curative period", where the breaching party is able to cure its default, but sometimes the breach may be so serious, such as when a domain name is being used for illegal activities which threaten the domain name owner's ownership of the domain name, that there will not be an opportunity to provide a curative period before the domain name owner has to change the DNS settings so as to "lock out" the lessee.

Nevertheless, often it is possible to negotiate and arrange a way for the lessee to buy out the domain name in such circumstances, even when there is a serious breach, since the lessee may want to just take over the domain name, and the domain name owner will be just as happy to sell it for an agreed price at that point.

7. Where do disputes get resolved?When there is a dispute over a term or condition of a domain name lease agreement, a good domain name lease agreement will include a "governing law" and "jurisdiction" clause. This kind of provision will ensure that it is clear that the parties have agreed to have any dispute decided by either a judge or an arbitrator, but will also often specify where the dispute is supposed to be resolved, e.g. where either the domain name owner or the lessee is located, and also deal with what language and what state or country's law will apply.

The degree of attention and concern that gets paid to this particular aspect will generally depend on the value of the domain name and the importance of the domain name to the parties. If it is a very valuable domain name, then it will be very important for both the domain name owner and the lessee to have the dispute decided close to home. But since that is often impossible since the parties are located far apart, then a middle ground can often be negotiated. On the other hand, sometimes a domain name owner will choose to accommodate the lessee's choice for jurisdiction, particularly if the domain name is being held throughout the term of the lease by the domain name owner, and not in escrow.

Google Authorship authors have linked their websites to their Google+ profiles. Meaning that all the content they write about will appear in Google results pages along with their photo showing their Authorship status. So if they write about your company on their website, it will show up with Google and link back to your site. Industry analysts estimate that adding content using authors who belong to Google Authorship can increase traffic to your site by as much as 500%. You may have noticed recently, when you do a Google search, it pulls up a search results page showing people’s photos next to some of the listings. They link and then add the Google Authorship markup to one of the links. That’s a “Rich Snippet” – a Google verified profile. It makes the listing really stand with more visibility. This is thanks to the Google Authorship program. By signing up on Google+ Authorship, content authors are able to link their content to Google results pages along with their photo, via their new G+ Authorship Profile. This gives higher search results in a much shorter timeframe.

The Google Authorship program protects webmaster content. Google Authorship webmasters can link content they publish on their domain to their Google+ profile. Consequently, their content is tracked by Google. If another person  plagiarizes content by copying content and pasting it into another website – Google will downgrade their page.

1. Set up your Google+ Profile Page. Gmail users already have a Google+ account.
2. Add contributor links. Go to your Google+ profile page and click ‘Edit Profile’ then the ‘About’ tab, then scroll down until you find the profiles. Click ‘Add Custom Link’. Add links to wherever you post content or wherever on the web you connect with others, including social media accounts.
3. Post frequently to your Google+ page. This builds a history of fresh content. This is important for Google to track you as a topic authority, and it gets people to look at your page.
4. After you’ve created a Google+ Authorship Profile, wait several days for Google to recognize changes. Then you will begin to see your Authorship photos appear in search results. You’ll also want to provide your Google+ ID when guest-posting.

More info at AuthorLinks.net

5. Registry
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]

6. c:\windows\wininit.ini
'Often Used by Setup-Programs when the file exists it is run ONCE and then is deleted by     windows
Example: (content of wininit.ini)
[Rename]
NUL=c:\windows\picture.exe
'This example sends c:\windows\picture.exe to NUL, which means that it is deleted. This requires no interactivity with the user and runs totaly stealth.

7. Autoexec.bat
Starts everytime at Dos Level.

8. Registry Shell Spawning
[HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\comfile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\batfile\shell\open\command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\htafile\Shell\Open\Command] @="\"%1\" %*"
[HKEY_CLASSES_ROOT\piffile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\htafile\Shell\Open\Command] @="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\piffile\shell\open\command] @="\"%1\" %*"

 The key should have a value of Value "%1 %*", if this is changed to "server.exe %1 %*", the server.exe is executed EVERYTIME an exe/pif/com/bat/hta is executed. Known as Unkown Starting Method and is currently used by Subseven.

9. Icq Inet
[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\test]
"Path"="test.exe"
"Startup"="c:\\test"
"Parameters"=""
"Enable"="Yes"

[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\
This key includes all the APPS which are executed IF ICQNET Detects an Internet Connection.

10. Misc Information
[HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap]
@="Scrap object" "NeverShowExt"=""

 The NeverShowExt key has the function to HIDE the real extension of the file (here) SHS. This means if you rename a file as "Girl.jpg.shs" it displays as "Girl.jpg" in all programs including Explorer. Your registry should be full of NeverShowExt keys, simply delete the key to get the real extension to show up.

XP – C:\Documents and Settings\Username\Local Settings\Application Data\Google\Chrome\User Data\Default
Vista – C:\Users\Username\Appdata\Local\Google\Chrome\User Data\Default

Trillian:
Note- The new version of trillian the passwords made be stored/encrypted differently
Trillian Passwords are stored in .ini files the first character of the password is encrypted with XOR with the key 243 then the password is converted into hex. The file is based on what the password is for so if it was icq it would be icq.ini (for new versions I think they are all stored in a file called accounts.ini or something similar if you open it up with notepad you will see all the data + the encrypted password). The files are stored in the following location:

XP (old version) – C:\Program Files\Trillian\users\
XP (new version) – C:\Documents and Settings\Username\Local Settings\Application Data\Trillian\user\global – I am not sure on exact but it is somewhere their
Vista (old version)- C:\Program Files\Trillian\users\
Vista (new version)- C:\Users\Username\Appdata\Roaming\Trillian\user\gl obal

MSN /Windows Live Messenger:
MSN Messenger version 7.x: The passwords are stored under HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\C reds\[Account Name]
Windows Live Messenger version 8.x/9.x: The passwords are stored in the Credentials file, with entry name begins with “WindowsLive:name=”. They a set of Win API functions (Credential API’s) to store its’ security data (Credentials). These functions store user information, such as names and passwords for the accounts (Windows Live ID credentials). Windows Live ID Credential records are controlled by the operating system for each user and for each session. They are attached to the “target name” and “type”. If you are familiar with SQL you can think of target name and type as the primary key. Table below lists most frequently used fields in Windows Live ID Credential records.

Paltalk:
Paltalk Passwords are using the same password encryption algorithm. Paltalk passwords are stored in the registry. To encrypt the new password Paltalk looks at the serial number of the disk C:\ and performs a mix with the Nickname. The resulting string is then mixed again with the password and some other constants. The final string is then encoded and written to the registry.
AIM, ICQ and Yahoo Messenger passwords that are stored by Paltalk are encoded by BASE64 algorithm.
The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\Paltalk\[Account Name]

Google Talk:
Google Talk passwords are encoded/decoded using Crypto API. Encrypted Gmail passwords are stored by Google Talk in the registry under HKEY_CURRENT_USER\Software\Google\Google
Talk\Accounts\[Account Name]

Firefox:
Click Me!!!!

The passwords are stored in one of the following filenames: signons.txt, signons2.txt, and signons3.txt (depends on Firefox version)
These password files are located inside the profile folder of Firefox, in [Windows Profile]\Application Data\Mozilla\Firefox\Profiles\[Profile Name]
Also, key3.db, located in the same folder, is used for encryption/decription of the passwords.

Yahoo Messenger 6.x:
The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager
(”EOptions string” value)

Yahoo Messenger 7.5 or later:
The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager – “ETS” value.
The value stored in “ETS” value cannot be recovered back to the original password.

AIM:
AIM uses Blowfish and base64 algorithms to encrypt the AIM passwords.
448-bit keyword is used to encrypt the password with Blowfish. The encrypted string is then encoded using base64. The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords

No Ip (easy to make in vb.net):
Passwords encoded with Base64 you can find the account information in the following locations

HKEY_LOCAL_MACHINESOFTWARE\Vitalwerks\DUC\”, “Password”
HKEY_LOCAL_MACHINESOFTWARE\Vitalwerk\sDUC\”, “Checked”
HKEY_LOCAL_MACHINESOFTWARE\Vitalwerks\DUC\”, “Username
KEY_LOCAL_MACHINE\SOFTWARE\Vitalwerks\DUC\”, “ProxyUsername
HKEY_LOCAL_MACHINE\SOFTWARE\Vitalwerks\DUC\”, “ProxyPassword”
HKEY_LOCAL_MACHINE\SOFTWARE\Vitalwerks\DUC\”, “Hosts”

Filezilla:
Passwords are stored in a .xml file located in Filezilla on appdata their is sources for this

Internet Explorer 4.00 – 6.00:
The passwords are stored in a secret location in the Registry known as the “Protected Storage”.
The base key of the Protected Storage is located under the following key:
“HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider”.
You can browse the above key in the Registry Editor (RegEdit), but you won’t be able to watch the passwords, because they are encrypted.
Also, this key cannot easily moved from one computer to another, like you do with regular Registry keys.

Internet Explorer 7.00 – 8.00:
The new versions of Internet Explorer stores the passwords in 2 different locations.
AutoComplete passwords are stored in the Registry under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2.
HTTP Authentication passwords are stored in the Credentials file under Documents and Settings\Application Data\Microsoft\Credentials , together with login passwords of LAN computers and other passwords.

Opera:
The passwords are stored in wand.dat filename, located under [Windows Profile]\Application Data\Opera\Opera\profile

Outlook Express (All Versions):
The POP3/SMTP/IMAP passwords Outlook Express are also stored in the Protected Storage, like the passwords of old versions of Internet Explorer.

Outlook 98/2000:
Old versions of Outlook stored the POP3/SMTP/IMAP passwords in the Protected Storage, like the passwords of old versions of Internet Explorer.

Outlook 2002-2008:
All new versions of Outlook store the passwords in the same Registry key of the account settings.
The accounts are stored in the Registry under HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\[Profile Name]\9375CFF0413111d3B88A00104B2A6676\[Account Index]
If you use Outlook to connect an account on Exchange server, the password is stored in the Credentials file, together with login passwords of LAN computers.

ThunderBird:
The password file is located under [Windows Profile]\Application Data\Thunderbird\Profiles\[Profile Name]
You should search a filename with .s extension.

Digsby:
The main password of Digsby is stored in [Windows Profile]\Application Data\Digsby\digsby.dat
All other passwords are stored in Digsby servers.

* Carol D. Leonnig (2007-01-07). "Report Rebuts Bush on Spying - Domestic Action's Legality Challenged". The Washington Post. Retrieved 2008-03-03

** Cheryl Gerber (2008-09-18). "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions". Retrieved 2008-10-30.

Evernote moved to assure customers that their data and payment information remained safe, but conducted a password reset for all 50 million users across its services. The breach, which apparently happened in late February, allowed the attackers to access user names and email addresses of Evernote users, the company stated. The criminals also accessed the encrypted password file, the company said in a post on its Website. "Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)" the company stated on the site. "While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure." To store secure passwords, the data is typically hashed, or scrambled using a one-way encryption function. Strong hashing uses "salt," which is a random number that prevents attackers from easily using a variety of attacks.

Cloud service companies, which collect information on a massive number of users, have become targets for hackers and cyber-criminals. In June 2012, business networking service LinkedIn acknowledged that the hashed, but not salted, passwords for nearly 6.5 million users had been stolen. The company became the target of a class-action lawsuit later that month. So far, neither the Evernote password file nor decrypted passwords appear to have been posted online, said Steve Thomas, co-founder of PwnedList, which tracks accounts information that has publicly been posted.Evernote claims that it had used a unique seed, or salt, for the password hashing, to make recovering the passwords much more difficult for the attackers, assuming that they did not get access to the salts along with the passwords, Thomas said. "The concern is where the salt was kept, and if the hackers got access to the salt," he said. "If the salt was also stolen, or there was a unique salt for each password, but the salt was also in the database, then we would expect with a little bit of effort, a large number of the hashes can be reversed."

If some fraction of the password file can be decrypted, it still represents a danger for users, even after they have changed their passwords on Evernote's system, because a large percentage of individuals—between 50 percent and 80 percent, according to studies of previous breaches—reuse their passwords. "Individuals should also be concerned about any other services where they used the same password as the one that was stolen," Thomas said. "Individuals should always assume that a password is vulnerable, regardless of if it was hashed and salted, as soon as it is in the hands of a hacker."

Evernote represents a treasure trove of user information. In June, Evernote announced it had 34 million users. That number expanded to 45 million in December and 50 million as of February.