Registrars Should Share Recent Login Information

When someone attempts to log in to an account at Name.com with an incorrect password, the email address associated with the login ID receives a failed login notification. This can inform the account holder that someone is trying to access an account without permission, which is useful. Taking it a step further, Name.com also allows users see the most recent login attempts (failed and successful). I think all registrars should offer this feature.

As helpful as it may be to know someone failed to log-in to an account, it would be even more helpful to know someone was able to gain access to an account. By that point, domain names in the account are likely vulnerable, but at least the log-in is noted and available to analyze. People who are more vigilant may wish to check this on a regular basis to ensure unauthorized parties do not have account access, but it would be helpful to know when someone else logged into an account in addition to knowing when someone tried but failed to log-in to an account.

An additional helpful feature registrars might consider offering is an automated email notifying the user every time a log-in was attempted, whether successful or not. Sure, this might get annoying if someone logs into their account multiple times per day, but the one time an account is accessed unlawfully, the user would be able to report the security breach and protect the account rapidly. WordFence, a WordPress plugin that is widely used, offers this feature. It would be great to see this implemented at domain registrars.

These security features aside, I strongly recommend adding 2 factor authentication on all domain registrar accounts. Whether you add 2FA via Google Authenticator, text message, Yubikey, or other option offered by registrars, this is the first line of defense for domain investors and domain registrants. It is also advisable to use different login IDs at different registrars, and obviously do not re-use passwords for different accounts.

Kudos to Name.com for allowing customers to see all logins.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

5 COMMENTS

  1. I agree – it should be an option you can toggle on or off. PorkBun sends you an email after you’ve logged in. At first I felt like I don’t need that, but now I support it 100% and would like it to be available everywhere.

  2. NameSilo offers to send you emails every time someone logins successfully or unsuccessfully. I don’t find it annoying at all – I think it is a great feature. You can also set up to five additional security questions that must be answered before you make certain updates.

    Dynadot shows IP addresses of recent logins in your account, but they really should offer to send emails as well.

    Epik has IP whitelist, but I fear I will screw that up and lock myself out 😉

    • Thanks for sharing that. I did not know some registrars already offered this. Would be great to see more of them with this.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Darpan Munjal Doing AMA on X

1
I have always appreciated how Atom.com CEO Darpan Munjal has been willing to share data freely. It's helpful to see what types of domain...

Results from One Month with Afternic Boost

18
Afternic began charging for its upgraded "Boost" features on September 4th. Instead of paying 15% commission for selling a domain name via Afternic with...

Video: How Anime.com was Acquired

2
I heard the Anime.com domain name had been recently acquired, but I knew nothing about it. Anime is a a style of Japanese animation,...

Negotiating Like Double Down Video Poker

0
When I was 18, I went on a Royal Caribbean cruise with my family. It was the first time I was able to gamble...

Spaceship Now Offering Sedo MLS Fast Transfer

2
Spaceship Founder Richard Kirkendall announced that Sedo MLS Fast Transfer capabilities are now available for domain names registered at Spaceship: Sedo MLS fast transfer for...