Is two-step verification still recommended for EU based domain owners?

[AniMeshorer]

I live in the European Union. I'd like to buy a new .com domain. We have GDPR since 2018, which means that when you look up a .com domain in the WHOIS and the domain owner is in the EU, the domain owner's private details (name, postal address, email address, phone number) are hidden. Generally the WHOIS search result will indicate "redacted for privacy".

Is this still the case? I think GDPR is still in place, but I'm not 100% sure.

Are the domain owner's personal details also hidden/redacted for privacy when looking up a .com domain in RDAP (Registration Data Access Protocol)?



In case EU-based domain owners indeed don't have their personal details showing in WHOIS search results, is two-step verification still needed or recommended?

 

[MKA]

Yes. Whois Privacy is still the same, and applies to RDAP. Just look up a random domain.

In case EU-based domain owners indeed don't have their personal details showing in WHOIS search results, is two-step verification still needed or recommended?

Absolutely. Just make sure to get your backup codes.

 

[AniMeshorer]

Yes. Whois Privacy is still the same, and applies to RDAP.


Absolutely. Just make sure to get your backup codes.

Thanks, I checked your link to the RDAP and indeed, no details of the domain owner is showing

Why would you recommend 2FA even when EU-based domain owners have their name/address/email address/phone number "redacted for privacy" in WHOIS? That is already a pretty good layer of security, I'd say.
I guess extra layers of security won't do harm, but it is reallty recommended?

 

[DediRock]

Yes, WHOIS privacy helps, but 2FA adds another layer of protection against account takeovers. Better safe than sorry!

Thanks, I checked your link to the RDAP and indeed, no details of the domain owner is showing

Why would you recommend 2FA even when EU-based domain owners have their name/address/email address/phone number "redacted for privacy" in WHOIS? That is already a pretty good layer of security, I'd say.
I guess extra layers of security won't do harm, but it is reallty recommended?

 

[AniMeshorer]

Yes, WHOIS privacy helps, but 2FA adds another layer of protection against account takeovers. Better safe than sorry!

I'm looking into it. To me it seems Yubikey and the Yubico Authenticator are about the safest 2FA around. Correct me if you disagree

With Yubico Authenticator you insert a USB-key (Yubikey) into your computer, and only then a once-off code for completing logging in is being created. This seems very solid.

Now I'm not sure which registrars accept Yubikey and Yubico Authenticator. Yubico's website claims all registrars accepting Google Authenticator, also accept Yubico Authenticator. I'm not sure if that's true?

 

[DediRock]

I'm looking into it. To me it seems Yubikey and the Yubico Authenticator are about the safest 2FA around. Correct me if you disagree

With Yubico Authenticator you insert a USB-key (Yubikey) into your computer, and only then a once-off code for completing logging in is being created. This seems very solid.

Now I'm not sure which registrars accept Yubikey and Yubico Authenticator. Yubico's website claims all registrars accepting Google Authenticator, also accept Yubico Authenticator. I'm not sure if that's true?

You're right, Yubikey and Yubico Authenticator are very secure. Most registrars that support Google Authenticator also support Yubico Authenticator, but it's good to confirm with yours.

 

[AniMeshorer]

You're right, Yubikey and Yubico Authenticator are very secure. Most registrars that support Google Authenticator also support Yubico Authenticator, but it's good to confirm with yours.

Name.com, which has been very reliable so far, mentions only Authy and Google Authenticator in their instructions on how to set up 2FA.

I have read about security leaks with Authy though, and I would prefer not to use a Google product for 2FA.

Someone told me though that, as the protocol of once-off codes generated by a token, is the same for all such services... then Yubikey should be able to work with Name.com just like Google Authenticator. Because both are tokens generating an extra code, the only difference is that Google Authenticator is a software-based token, while Yubikey is a hardware-based token.

I also wonder if wordpress.com would accept any form of 2FA. They mention SMS authentication as 2FA method. Not bad, but I'd prefer something like Yubikey.