registrars Which Registrar Is Most Secure?

[DaveX]

With valuable domains being stolen and tons of new, untested registrars popping up, I've started thinking about security.

I have names spread across about 12 registrars. I tend to like GD, but I like others too.

Any feedback about which registrars provide the highest level of security?

 

[Slanted]

I think by point of view of secure registrar, Godaddy is the best at all.
Thanks

Does GoDaddy allow you to restrict login based on a white list of allowed IP addresses?

 

[usernamex]

Eventually I will move all my domains to Epik, the level of personal attention is phenomenal, and the UI is among the better designs with managing hundreds of domains.

@Slanted - a security feature I like is account access notification - by email or text. I already use the IP Whitelisting you offer and I know that isn't ideal for some folks setup.

Here's what InternetBS sends me

Spoiler: example internet.bs

For security reasons we inform you about each access to your account. If you got
this notification but you did not login to your account, please contact us as
soon as possible at [email protected] <mailto:[email protected]>.

Date: Fri, 30 Jun 2017 05:54:54 +0000
IP: xx.xxx.xx.xx
Host name: ipxx-xxx-xx-xx.zz.zz.zzz.com
Country: Bikini Bottom (BKB)
Browser: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Firefox/38.0

*Note:* if you don't want to receive such notifications please login to your
account and disable it in the email notification settings page.

One thing I could not figure out how to do was enable MaxLock from the control panel so if you can point me in the right direction that would be super

 

[Domaniak]

@Domainiak,

Each customer account is assigned to a pricing group. Then prices (defined for that pricing group) appear automatically during checkout. Hence it's a choice between (A) low prices and the ability to use credit cards / Paypal; and (B) even lower prices but no payments by credit cards / Paypal. As you can see, pricing is defined for the customer account as a whole.

Theoretically, it might be possible to look at a $500 account balance and divide it up into $113.17 left over from a past wire transfer, $189.42 from a past Paypal payment, $46.29 from a credit card, and $151.12 in the form of MasterBucks / in-store credit. In effect, each customer would have half a dozen smaller balances. Then when you go to buy something for $250, we could (again, theoretically) interpret that as using up a mixture of dollars from different payment sources – 60% at the low rate and 40% at the even lower rate. Then prices would be a weighted average of the 2. But this would look REALLY confusing to customers. And it would also require coding up a completely new database architecture to handle a very complicated system of account sub-balances, hybrid payment rates, weighted-average calculations, etc.

Our account was 100% funded from MasterBucks only, hence my question. Who in their right mind would fund an account using PayPal or CC since there is no advantage whatsoever of doing so?

And why not keep things simple and go with a process of elimination - simply levy a charge on PayPal or CC funding of the account balance (like many other registrars do)? After that, all in-account funds, from whatever source, are of one kind only and free and clear of any ambiguity.

And this way, you can fully automate levying appropriate charges for each type of funding source, as you add new funding options.

 

[anony]

Does GoDaddy allow you to restrict login based on a white list of allowed IP addresses?

No,my ex acc was lost and created new and the new doesn't support customer I'd 159896688, no any domain transfer or accepted in my GD acc....,how can I solve this problem plz help me dear.

 

[usernamex]

No,my ex acc was lost and created new and the new doesn't support customer I'd 159896688, no any domain transfer or accepted in my GD acc....,how can I solve this problem plz help me dear.

Please start a new thread and then tag Joe Styler for help with a GoDaddy issue, this is off topic for this thread : smile :

 

[Pramanthas]

@robepik @Slanted Please introduce Google Authenticator or Authy 2-factor as an alternative for mobile SMS authentication.

Having the code generated on your phone with these apps would be a better option, instead of waiting for the SMS to arrive.

 

[anony]

Please start a new thread and then tag Joe Styler for help with a GoDaddy issue, this is off topic for this thread : smile :

Ok sorry.

 

[usernamex]

The way other registrars handle different payment fees is at the time of pre-funding. So if you made an account type that was pre-fund ONLY, you can simply deduct the fee at the time the funding is deposited - if you pre-fund $100 using Wire, you get $100 credit in your account. If you pre-fund $100 by Credit Card, you get $95 in your account. Then whenever you use the account balance, the original source doesn't matter because the fee was already taken into account. PayPal is worse since they have flat + percentage so imagine the percent could be flat higher, or variable based on the amount. You can also set a minimum funding requirement on top of the fee, so people are not funding small amounts, like $50 or $100 minimums are pretty common.

Then people can choose to have a pre-fund only account (8.10) or a pay as you go account (8.49)

Another benefit to pre-funding is I don't have to leave a credit card on file which I personally don't care for as an extra security vulnerability.

 

[Domains - Wanted]

^^^ What @usernames and @Domaniak said!

You can set a minimum amount for account funding by PP or CC, like OnlineNIC or Enom does with reseller accounts, setting a lower fee (say, 3%) than for individual domain registrations/transfers (5%) - an incentive to pre-fund accounts. You might even increase the fee for retail payments to promote pre-funding.

 

[Slanted]

Eventually I will move all my domains to Epik, the level of personal attention is phenomenal, and the UI is among the better designs with managing hundreds of domains.

Thanks for the thumb's up.

A security feature I like is account access notification - by email or text.

That's an interesting idea. We'd have to let people toggle this setting ON / OFF (default OFF), since most customers wouldn't want any extra email messages. But I'm sure some customers would want to track logins. Curious how many people want this ... Show of hands? It sounds like a good idea, but I also wonder if people wouldn't get sick of all the emails or – worse – grow so accustomed to them (through frequent logins of their own) that they'd fail to notice a suspicious login even if 1 did occur.

One thing I could not figure out how to do was enable MaxLock from the control panel so if you can point me in the right direction that would be super

Pretty sure we haven't implemented an ON / OFF switch in the customer's user interface. Later, we might. For now, you can contact support, and they'll do it for you.

 

[Slanted]

And why not ... simply levy a charge on PayPal or CC funding of the account balance (like many other registrars do)? After that, all in-account funds, from whatever source, are of one kind only and free and clear of any ambiguity.

Worth considering. I'm not fully satisfied with the existing system of determining prices, and I plan to propose some changes soon. That said, I've been at Epik barely 3 months, and cannot (and should not) change things too fast. Customers get used to things a certain way. And there are often reasons why things are the way they are. We're at a point now where I think we can hopefully balance a smooth status quo with some modifications.

 

[Slanted]

P.S. Speaking of modifications, Epik's new domain financing feature was released in beta this past week. If you've ever wanted to arrange month-to-month domain rentals, optioning, or installment purchase plans, we're the best game in town.

 

[Domains - Wanted]

...That said, I've been at Epik barely 3 months, and cannot (and should not) change things too fast.

Yes, well, this is why I very much appreciate Rob's taking a personal interest
No offense, staff is always constrained by, well, being staff.

Customers get used to things a certain way.

How so? Oh! Like asking Rob for help to adjust pricing manually on a case by case basis, you mean?

And there are often reasons why things are the way they are.

Are you generalizing or referring to this particular issue?

 

[NameAcquisitions]

I have a suggestion for Epik. I'd like to see registry lock feature. Verisign apparently makes this available, yet practically no registrar offers it as a reasonable add-on.

 

[Domaniak]

I have a suggestion for Epik. I'd like to see registry lock feature. Verisign apparently makes this available, yet practically no registrar offers it as a reasonable add-on.

So what's the difference between registrar-lock and registry-lock? (assuming you are not talking about the former)

 

[UXela]

I tend to keep my most valuable domains with NameSilo and Epik and I've been happy with both from all perspectives (including security). I tend to use NameSilo more because I like their platform more and the site is faster.
However I would never ever keep valuable domains with GD or other shady registrars (mmmm.... 1&1, bigrock, domain.com & co., etc.).
I do buy domains at GD auctions but I move them immediately to NameSilo by requesting the 60 day lock to be lifted as soon as the domain is in my account...

 

[xn--v4h.com]

That depends. If you're asking whether Emoji domains can be registered at Epik, then the answer is yes.

Emoji domains are essentially a subset of IDNs. Not all TLDs have enabled emoji registrations, though I know .WS offers them. These can be registered at Epik.

If you're asking about displaying emoji domains (or IDNs generally), that's a separate question. Most websites tend to show the punycode version. (That's the encoding that begins "xn--".)

As IDNs become more popular, websites everywhere may put more development resources into showing them in the native character set – Arabic, Cyrillic, Japanese, Chinese, etc. Displaying emojis would (I think) follow as a consequence of that broader trend.

Understood. Thanks for taking the time to answer my question. I've shared it with my emoji domain colleagues.

 

[xn--v4h.com]

Does GoDaddy allow you to restrict login based on a white list of allowed IP addresses?

Wow!

 

[xn--v4h.com]

I tend to keep my most valuable domains with NameSilo and Epik and I've been happy with both from all perspectives (including security). I tend to use NameSilo more because I like their platform more and the site is faster.
However I would never ever keep valuable domains with GD or other shady registrars (mmmm.... 1&1, bigrock, domain.com & co., etc.).
I do buy domains at GD auctions but I move them immediately to NameSilo by requesting the 60 day lock to be lifted as soon as the domain is in my account...

I don't know too many people at GD but the few I do know they're pretty good people. Been a customer of theirs for a long time. But yeah, if you have a lot of domains you should spread them around to other registrars.

 

[UXela]

@xn--v4h.com also read the horror stories with people getting locked out of their GD account for various BS.
Some of those people lost very valuable domains as a result of this GD bullying.

I once lost access to my GD account for a stupid technical issue.
It wasn't very nice since at that time I had 3 valuable domains there and the GD staff took their time answering and solving the issue. All in all I was locked out for more that 60 hours.

After this experience I moved everything important away from them or any other shady registrar.
Anything that's worth more that $1000 stays with NameSilo or Epik.