Domain Registrars Should Reset All EPP Codes

Andrew Allemann reported about changes that are coming to domain name transfers, and it is a bit concerning to me. You can read about the new, hopefully temporary transfer authorization process on Domain Name Wire, but this is the part that concerns me:

In many cases, domain name registrars will not be able to get the registrant email address from Whois that is necessary to send a Form of Authorization when someone transfers a domain name to them. As a result, gaining registrars will be allowed to skip the Form of Authorization requirement.” (emphasis added by me).

From what I understand, domain registrars are responsible for generating EPP authorization codes. Each registrar may have its own process for creating them and for updating them regularly or periodically. With the new transfer process coming into play, I think it is very important for domain registrars to reset all EPP authorization codes. If that would be a major inconvenience for customers who are in the middle of a domain transfer, perhaps the EPP codes could be reset for those that were requested more than 30 days ago.

It would appear that someone could possibly use an old EPP code that wasn’t regenerated by the registrar in order to initiate a domain transfer. If the current registrant does not cancel the transfer in the allotted period of time, the transfer will proceed. I am sure many people ignore emails from their registrar. Some probably go to spam and others are probably ignored because the registrant thinks it is a marketing solicitation. Perhaps more savvy registrants will understand that it is a transfer request and simply assume that not confirming the transfer will be enough to stop it. This would be a mistake. Obviously transferring a domain name without permission is illegal, but there are unsavory people who might try to take advantage of this.

I urge all registrars to refresh their EPP codes, perhaps excluding those that were requested in the last 2 weeks or maybe 30 days. This might be an inconvenience for some registrants who are in the middle of a domain transfer, but if that inconvenience can help prevent domain theft, I think it is probably worthwhile.

I also urge registrants to ensure their transfer lock is enabled as this could also prevent an unauthorized transfer.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

1 COMMENT

  1. Unless, it’s a sale, it would be advisable to renew the domains at the current registrar for the next week/month till this process is more clearly defined or the registrars have got their act together.
    True, this might result in slightly higher renewal fees (probably one of the main criteria’s for a non sale transfer) but safety of domains more important than that I would think.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

TRC.com Sets Auction Record at Sav.com

5
TRC.com expired at the end of November 2024. The domain name was apparently registered at a domain registrar that doesn't have a deal with...

Consider Removing “WHOIS” from Domain Name Contracts

0
I use several different domain name purchase or sale agreements depending on the situation. Each of these agreements references "WHOIS" as a means of...

I Appreciate Having a Broker as a Counterparty

10
I appreciate being able to discuss the sale of a domain name with a domain broker representing a third party. Not only does this...

Gong.com UDRP Should be RDNH

1
The Gong Show was a television talent show on ABC in the late 1970s. Contestants would perform a variety of acts while being judged...

Top 5 Domain Names in 2025 Super Bowl Commercials

3
The Super Bowl was played last night, and a great deal of attention was on the Super Bowl commercials. In the recent past, domain...