NameSilo

Is two-step verification still recommended for EU based domain owners?

Spaceship Spaceship
Watch
A

AniMeshorer

Established Member
Impact
134
I live in the European Union. I'd like to buy a new .com domain. We have GDPR since 2018, which means that when you look up a .com domain in the WHOIS and the domain owner is in the EU, the domain owner's private details (name, postal address, email address, phone number) are hidden. Generally the WHOIS search result will indicate "redacted for privacy".

Is this still the case? I think GDPR is still in place, but I'm not 100% sure.

Are the domain owner's personal details also hidden/redacted for privacy when looking up a .com domain in RDAP (Registration Data Access Protocol)?



In case EU-based domain owners indeed don't have their personal details showing in WHOIS search results, is two-step verification still needed or recommended?
 
Reply
0
0 Like
0 Thanks
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
AfternicAfternic
Sort by date Sort by votes Sort by points
Yes. Whois Privacy is still the same, and applies to RDAP. Just look up a random domain.

In case EU-based domain owners indeed don't have their personal details showing in WHOIS search results, is two-step verification still needed or recommended?
Click to expand...
Absolutely. Just make sure to get your backup codes.
 
Reply
0
0 Like
0 Thanks
•••
Upvote 0
MKA said:
Yes. Whois Privacy is still the same, and applies to RDAP.


Absolutely. Just make sure to get your backup codes.
Click to expand...
Thanks, I checked your link to the RDAP and indeed, no details of the domain owner is showing :)

Why would you recommend 2FA even when EU-based domain owners have their name/address/email address/phone number "redacted for privacy" in WHOIS? That is already a pretty good layer of security, I'd say.
I guess extra layers of security won't do harm, but it is reallty recommended?
 
Reply
0
0 Like
0 Thanks
•••
Upvote 0
Yes, WHOIS privacy helps, but 2FA adds another layer of protection against account takeovers. Better safe than sorry!
AniMeshorer said:
Thanks, I checked your link to the RDAP and indeed, no details of the domain owner is showing :)

Why would you recommend 2FA even when EU-based domain owners have their name/address/email address/phone number "redacted for privacy" in WHOIS? That is already a pretty good layer of security, I'd say.
I guess extra layers of security won't do harm, but it is reallty recommended?
Click to expand...
 
Reply
1
1 Thanks
0 Like
•••
Upvote 0
DediRock said:
Yes, WHOIS privacy helps, but 2FA adds another layer of protection against account takeovers. Better safe than sorry!
Click to expand...
I'm looking into it. To me it seems Yubikey and the Yubico Authenticator are about the safest 2FA around. Correct me if you disagree :)

With Yubico Authenticator you insert a USB-key (Yubikey) into your computer, and only then a once-off code for completing logging in is being created. This seems very solid.

Now I'm not sure which registrars accept Yubikey and Yubico Authenticator. Yubico's website claims all registrars accepting Google Authenticator, also accept Yubico Authenticator. I'm not sure if that's true?
 
Reply
0
0 Like
0 Thanks
•••
Upvote 0
AniMeshorer said:
I'm looking into it. To me it seems Yubikey and the Yubico Authenticator are about the safest 2FA around. Correct me if you disagree :)

With Yubico Authenticator you insert a USB-key (Yubikey) into your computer, and only then a once-off code for completing logging in is being created. This seems very solid.

Now I'm not sure which registrars accept Yubikey and Yubico Authenticator. Yubico's website claims all registrars accepting Google Authenticator, also accept Yubico Authenticator. I'm not sure if that's true?
Click to expand...
You're right, Yubikey and Yubico Authenticator are very secure. Most registrars that support Google Authenticator also support Yubico Authenticator, but it's good to confirm with yours.
 
Reply
1
1 Thanks
0 Like
•••
Upvote 0
DediRock said:
You're right, Yubikey and Yubico Authenticator are very secure. Most registrars that support Google Authenticator also support Yubico Authenticator, but it's good to confirm with yours.
Click to expand...

Name.com, which has been very reliable so far, mentions only Authy and Google Authenticator in their instructions on how to set up 2FA.

I have read about security leaks with Authy though, and I would prefer not to use a Google product for 2FA.

Someone told me though that, as the protocol of once-off codes generated by a token, is the same for all such services... then Yubikey should be able to work with Name.com just like Google Authenticator. Because both are tokens generating an extra code, the only difference is that Google Authenticator is a software-based token, while Yubikey is a hardware-based token.

I also wonder if wordpress.com would accept any form of 2FA. They mention SMS authentication as 2FA method. Not bad, but I'd prefer something like Yubikey.
 
Reply
0
0 Like
0 Thanks
•••
Upvote 0
Log in or sign up to reply here.
Dynadot — .com TransferDynadot — .com Transfer

Similar threads

A
question 2-step-verification and how it works
12 replies
1K views
AniMeshorer
A
nicenic
discuss Should You Add WHOIS Privacy Protection to Your Domain?
3 replies
630 views
nicenic
nicenic
CircleID
whois Beyond WHOIS: Rethinking Domain Verification in a Post-GDPR World
0 replies
434 views
CircleID
CircleID
CircleID
  • Article
domains Beyond WHOIS: Rethinking Domain Verification in a Post-GDPR World
0 comments
279 views
CircleID
CircleID
barefooted
registries A domain that is pending ICANN verification.
1 reply
2K views
Kuffy
Kuffy

We're social

Escrow.com

New posts ➔

Spaceship

Auction activity ➔

Domain Recover

How do you think a potential buyer first checks if your domain is for sale?

Polls of interest ➔

CryptoExchange.com

Hot this week ➔

Catchy

Community favorite ➔

Hot this month ➔

DomainEasy — Zero Commission

Blog favorites

DomDB

  1. AheadExchange.com

    • Make Offer

  2. ElevatedAutomation.com

    • Make Offer

  3. ForgetfulAF.com

    • Make Offer

  4. AirtaxiConnect.com

    • Make Offer

  5. chilepagos.com

    • Make Offer

  6. UKDAC.co.uk

    • Show Price

  7. MyCasablanca.com

    • Make Offer

  8. dubaicoworking.com

    • Make Offer

  9. Test2.org

    • Show Price

  10. stein.gr

    • Make Offer
  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back