Registrars Should Share Recent Login Information

When someone attempts to log in to an account at with an incorrect password, the email address associated with the login ID receives a failed login notification. This can inform the account holder that someone is trying to access an account without permission, which is useful. Taking it a step further, also allows users see the most recent login attempts (failed and successful). I think all registrars should offer this feature.

As helpful as it may be to know someone failed to log-in to an account, it would be even more helpful to know someone was able to gain access to an account. By that point, domain names in the account are likely vulnerable, but at least the log-in is noted and available to analyze. People who are more vigilant may wish to check this on a regular basis to ensure unauthorized parties do not have account access, but it would be helpful to know when someone else logged into an account in addition to knowing when someone tried but failed to log-in to an account.

An additional helpful feature registrars might consider offering is an automated email notifying the user every time a log-in was attempted, whether successful or not. Sure, this might get annoying if someone logs into their account multiple times per day, but the one time an account is accessed unlawfully, the user would be able to report the security breach and protect the account rapidly. WordFence, a WordPress plugin that is widely used, offers this feature. It would be great to see this implemented at domain registrars.

These security features aside, I strongly recommend adding 2 factor authentication on all domain registrar accounts. Whether you add 2FA via Google Authenticator, text message, Yubikey, or other option offered by registrars, this is the first line of defense for domain investors and domain registrants. It is also advisable to use different login IDs at different registrars, and obviously do not re-use passwords for different accounts.

Kudos to for allowing customers to see all logins.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. I agree – it should be an option you can toggle on or off. PorkBun sends you an email after you’ve logged in. At first I felt like I don’t need that, but now I support it 100% and would like it to be available everywhere.

  2. NameSilo offers to send you emails every time someone logins successfully or unsuccessfully. I don’t find it annoying at all – I think it is a great feature. You can also set up to five additional security questions that must be answered before you make certain updates.

    Dynadot shows IP addresses of recent logins in your account, but they really should offer to send emails as well.

    Epik has IP whitelist, but I fear I will screw that up and lock myself out 😉

    • Thanks for sharing that. I did not know some registrars already offered this. Would be great to see more of them with this.

Leave a Reply

Recent Posts Acquired for More than $10 Million

Last week, Hilco Digital's Andrew Miller shared that he and Larry Fischer brokered the sale of the domain name. Andrew mentioned that it...

Hilco Digital Assets Announces $10m Investment in Squadhelp

Squadhelp has become a leading brand naming marketplace, connecting business owners and entrepreneurs with domain names listed for sales on its platform. Led by...

Questions Related to Uni —> Afternic Parking Migration

If you are a Uniregistry customer, you most likely received an email explaining the upcoming migration of the Uniregistry Market and parking platform to...

Some Uni-Registered New gTLDs Will be Transferred to 1API

I received an email from Uni (formerly Uniregistry) that I initially thought was a Whois verification email and almost ignored. It was, in fact,...

Advice and Resources for a Newbie Domain Investor

Someone reached out to me on Twitter seeking advice for selling domain names. In a short tweet thread, I shared a few thoughts and...