For quite some time, Name.com has been a leader in giving additional security to its clients without much hassle. The company’s offerings, called NameSafe, allow clients to have enhanced account security with a phone app or a security key fob. Sister company, eNom, also offers security enhancements in the form of Account Validation. In addition, 101 Domain offers a full suite of security products, as does Dynadot.
In a blog post this morning, Namecheap announced that it is now offering two factor authentication to its clients. This means that in order to log in to an account, a client would need the account password as well as a text message code that is sent for each log in attempt. This type of added security is great to see being offered.
I think all domain registrars should offer some form of two factor authentication for people to access accounts. My prefered method, and one that I use on various password protected accounts, is the text message authentication. I enter my user ID and password on specific websites, and they send me a text message with a one use code I need to enter in order to access my account. Without the text message, I can’t get into the account.
Other companies like Moniker and Go Daddy (**see update) offer their own forms of extra layers of security, but from what I recall, these extra security features are a bit cumbersome because they aren’t simple like a text message or answering security questions. For someone who makes frequent domain transfers, I would prefer the two factor authentication that I can do on my own, without the assistance of an account manager or a person who needs to authenticate my identity. They may be secure, but they can also be inconvenient for someone who needs to make frequent changes.
(**Update: Go Daddy DOES offer two step authentication and has done so for over a year.)
For many people who invest in domain names, a domain registrar account may be more valuable than a bank account. Unfortunately, most domain registrars don’t offer upgraded login security measures that are quick and effective.
If you know of other registrars that offer simple two factor authentication, please share that information in the comment section. If I am wrong about Go Daddy or Moniker, please let me know that, too!
Godaddy offers text message security also. I go into my account many times a day so text messaging is a pain so I did opt into having a rep call me anytime I need a domain transferred which is a pain but it certainly is peace of mind and I also change my password every few days.
As a side note if you have names that you know you will not be selling put those into a separate account with the text messaging and rep calling choices. More security the better especially on names that you don’t move around. Also add your names to domain tools domain monitor feature so anytime a name server, expiration lapse or anything else changes you will be notified in case your emails didn’t get received.
But NAME.COM still does’t offer registry lock, so they better wake up and implement that feature before customers realize that there are better registrars.
Hi Elliot,
Dynadot also offers two factor authentication on all of their accounts. We also have two additional security features that can be added onto accounts: SMS authentication and our Dynadot Token Authentication.
http://www.dynadot.com/domain/security.html
Thank you… I added that to the article.
G’daddy rep calls everytime and asks for a code before they will transfer anything out of my account. While it can be a bit of a production it is very safe. Even though the rep knows my voice they won’t transfer anything without the code.
nice imho.
I would like to vote enom.com as the most secure. It is almost impossible to transfer anything out of there even if you have the codes and have unlocked everything. Very difficult to work with and they gouge for renewals. imo.
I am happy to read that 101Domain.com and Dynadot.com we highly recommend in:
http://www.domaining.com/directory/domain-registration/
offer superior protection!
Namecheap has 2 factor sms/phone verification.