- Impact
- 2
First of all, let me state that I am a newbie having started on this in the first week of July.
One of the issues that I was initially concerned about is how secure are the domains placed at any particular registrar.
The concern is if it can it be hacked and transferred out to another person?
This is a valid question because of the horror of logging in and finding that all your domains are transferred out.
The risks involved can be analyzed in terms of:
(1) How easy is it for the hacker to guess your password?
Answer:
(1a) Have you made it easy for the hacker to guess your password? If not, this should be okay. This is under your control.
(1b) Check if your registrar send your password to you in the clear when you click on lost password. If yes, then it depends on internal controls on who can use that generate password option. Or is there a master password or decryption software in the hands of people within the company. This is under the registrar control. How well they control their internal processes is beyond our knowledge.
(1b.1) I tried with Moniker because they are reputed to have the best security. However they sent the password to me in the clear. There is at least one other registrar (which i cannot recall at this moment) who also sent the password to you. Perhaps it might be better if they provide you a link and when you click the link, you enter in a new password.
(2) How easy is it for the hacker to access your authorization code?
Answer:
(2a) For Name.com, once they enter into your account, they are able to unlock your domain. The authorization code is display on your control panel for them to see. Thus once they get in, your domains can be transferred easily.
To circumvent that, Name.com allow you to edit your security settings. I changed my to allowing at most 3 attempts to guess the password before the system deactivates the account for about 15 minutes. The default is 10.
(2b) For Dynadot, even if they enter into your account, they will still need to guess what is your birthmonth and birthday before the account is unlocked and the authorization code is given. Thus there is an additional layer of security which is very comforting.
(2c) GoDaddy appears to have the best of the three. In order to access your authorization, they will have to click a button. Instead of displaying it on the screen, GoDaddy actually sent the authorization code to your email account. This is excellent because now the hacker will need to go to your email account to retrieve it. If your email account is maintained at the ISP level, this provides an extra extra level of higher security.
In addition, GoDaddy provides an extra layer of protection in the form of registrar lock in which case it is very very difficult for your account to be transferred out. However that extra layer of protection is very expensive at around US$20 per year because it comes bundled. I had written to GoDaddy to request that they decoupled it but they are not looking into that for the moment.
Thus of the three, Godaddy appears to be the most secure, followed by Dynabot fairly closely and Name.com a distant third.
(3) What is the ease of the transfer process?
Answer:
(3a) Now if it is important for you to transfer the domain out easily, then Name.com wins hands-down because the authorization code is display there and unlocking is not a problem at all. Thus if you are into short-term flipping, then that should not be a problem.
(3b) For Name.com, Dynadot and GoDaddy, they will send an email to the registrant and wait for a reply before initiating the transfer. Under most circumstances, this should be enough. As to what happens if they felt suspicious of the transfer, I cannot find any statements on that in their website.
(3c) Moniker said in their website that they have operational control of the process by having 3 independent people to review your request and if needed, contacting you to see if you have initiated the transfer request. (Please see their website for the exact words they used).
However Moniker's charges are expensive. I had written to them and they quoted me some discounted rates. However I had about 5 to 6 correspondences with them because their discounted rates was not reflected on the screen. They did not reply to my last email. Two drawbacks: they add a surcharge of 4% if you pay by PayPal. If you pay by credit card, the surcharge is avoided. But now you have to answer compulsory personal questions like how much you earn, etc, etc.
But a lot of forums have people attesting to the fact that Moniker's security is the best. However it appears that they are referring to the review process. Nonetheless because my experience with Moniker is limited, if there are Moniker users here, please do elaborate on your experience.
(3d) It had been said that Fabulous is a very good registrar with an Executive lock feature. However the drawback is that in order to qualify for the wholesale price, you must first have a monetization account with them. This means that you must provide them with 10 accounts that you are prepared to park with them. All my accounts are rejected by them because they lacked commercial potential. For newbies, this is a daunting task as up to now, I still do not know where I had gone wrong. Thus the alternative is to sign up for their regular account where the cost of a domain is $15. Which is not worth it.
(3e) Network Solutions is reputed to have strong security. Appreciate if any user can elaborate
(3f) Mark Monitor appears to be very exclusive. Reading through their website it appears unlikely they are willing to offer $5.99 domains. Appreciate if any user can elaborate. But they should be very secure because apparently they assign a manager to you and you cannot do self-registration. You have to request for them to contact you.
So to conclude, of the three: Name.com, Dynadot and GoDaddy,
(i) GoDaddy has the highest security in sending your authorization code to your email
(ii) Dynadot is second because you must guess the birthday before they will unlock the account and give you the authorization code
(iii) Name.com is best if you are into short-term holding of your domains because they make the transfer process very simple but at the same time, you can limit the number of tries people can have to attempt to log into your account.
Okay, over to you guys
One of the issues that I was initially concerned about is how secure are the domains placed at any particular registrar.
The concern is if it can it be hacked and transferred out to another person?
This is a valid question because of the horror of logging in and finding that all your domains are transferred out.
The risks involved can be analyzed in terms of:
(1) How easy is it for the hacker to guess your password?
Answer:
(1a) Have you made it easy for the hacker to guess your password? If not, this should be okay. This is under your control.
(1b) Check if your registrar send your password to you in the clear when you click on lost password. If yes, then it depends on internal controls on who can use that generate password option. Or is there a master password or decryption software in the hands of people within the company. This is under the registrar control. How well they control their internal processes is beyond our knowledge.
(1b.1) I tried with Moniker because they are reputed to have the best security. However they sent the password to me in the clear. There is at least one other registrar (which i cannot recall at this moment) who also sent the password to you. Perhaps it might be better if they provide you a link and when you click the link, you enter in a new password.
(2) How easy is it for the hacker to access your authorization code?
Answer:
(2a) For Name.com, once they enter into your account, they are able to unlock your domain. The authorization code is display on your control panel for them to see. Thus once they get in, your domains can be transferred easily.
To circumvent that, Name.com allow you to edit your security settings. I changed my to allowing at most 3 attempts to guess the password before the system deactivates the account for about 15 minutes. The default is 10.
(2b) For Dynadot, even if they enter into your account, they will still need to guess what is your birthmonth and birthday before the account is unlocked and the authorization code is given. Thus there is an additional layer of security which is very comforting.
(2c) GoDaddy appears to have the best of the three. In order to access your authorization, they will have to click a button. Instead of displaying it on the screen, GoDaddy actually sent the authorization code to your email account. This is excellent because now the hacker will need to go to your email account to retrieve it. If your email account is maintained at the ISP level, this provides an extra extra level of higher security.
In addition, GoDaddy provides an extra layer of protection in the form of registrar lock in which case it is very very difficult for your account to be transferred out. However that extra layer of protection is very expensive at around US$20 per year because it comes bundled. I had written to GoDaddy to request that they decoupled it but they are not looking into that for the moment.
Thus of the three, Godaddy appears to be the most secure, followed by Dynabot fairly closely and Name.com a distant third.
(3) What is the ease of the transfer process?
Answer:
(3a) Now if it is important for you to transfer the domain out easily, then Name.com wins hands-down because the authorization code is display there and unlocking is not a problem at all. Thus if you are into short-term flipping, then that should not be a problem.
(3b) For Name.com, Dynadot and GoDaddy, they will send an email to the registrant and wait for a reply before initiating the transfer. Under most circumstances, this should be enough. As to what happens if they felt suspicious of the transfer, I cannot find any statements on that in their website.
(3c) Moniker said in their website that they have operational control of the process by having 3 independent people to review your request and if needed, contacting you to see if you have initiated the transfer request. (Please see their website for the exact words they used).
However Moniker's charges are expensive. I had written to them and they quoted me some discounted rates. However I had about 5 to 6 correspondences with them because their discounted rates was not reflected on the screen. They did not reply to my last email. Two drawbacks: they add a surcharge of 4% if you pay by PayPal. If you pay by credit card, the surcharge is avoided. But now you have to answer compulsory personal questions like how much you earn, etc, etc.
But a lot of forums have people attesting to the fact that Moniker's security is the best. However it appears that they are referring to the review process. Nonetheless because my experience with Moniker is limited, if there are Moniker users here, please do elaborate on your experience.
(3d) It had been said that Fabulous is a very good registrar with an Executive lock feature. However the drawback is that in order to qualify for the wholesale price, you must first have a monetization account with them. This means that you must provide them with 10 accounts that you are prepared to park with them. All my accounts are rejected by them because they lacked commercial potential. For newbies, this is a daunting task as up to now, I still do not know where I had gone wrong. Thus the alternative is to sign up for their regular account where the cost of a domain is $15. Which is not worth it.
(3e) Network Solutions is reputed to have strong security. Appreciate if any user can elaborate
(3f) Mark Monitor appears to be very exclusive. Reading through their website it appears unlikely they are willing to offer $5.99 domains. Appreciate if any user can elaborate. But they should be very secure because apparently they assign a manager to you and you cannot do self-registration. You have to request for them to contact you.
So to conclude, of the three: Name.com, Dynadot and GoDaddy,
(i) GoDaddy has the highest security in sending your authorization code to your email
(ii) Dynadot is second because you must guess the birthday before they will unlock the account and give you the authorization code
(iii) Name.com is best if you are into short-term holding of your domains because they make the transfer process very simple but at the same time, you can limit the number of tries people can have to attempt to log into your account.
Okay, over to you guys
