The 2-Step Verification GoDaddy uses makes the account very secure and I advise every domainer who has even one valuable domain in their GoDaddy account to use it. I use an authenticator app instead off a text message because it is far more secure than a text message.
Let me explain the details of the security for you...
With sms notification your phone will get a sms message with the code and you punch it in to login to your account. There are a couple of reasons why this might prove to be problematic.....
Lets just pretend you had a roommate and he wanted one of your domains, it would be very possible for him to steal it from you. With my system he would not be able to do so.
Lets begin...
Your roommate stays up until you go to bed (apply it to other circumstances hotel rooms etc) and gets access to your godaddy account because your browser automatically fills in the password. He then sees you need an sms code so he simply looks at your phone and enters it in and voila he now has access to your account. Smarter domainers will not display sensitive information on their lock screen but the fact is most people do. There is an option to turn that off though.
Here is my advice...
Use the authenticator app option instead because it is much more secure. So same circumstance but instead of an sms message my roommate now gets a prompt to enter the authentication code. He goes to my phone and would have to unlock it to get access to my authenticator program. Lets pretend for a second the roommate even has my unlock code. He now has to open my autehnticator app with another security code before he can ever see that login code. The security measures are so immense that even the people I know the best and am the most trusting of would never have access to my account.
So you would think that is the most secure right? ---- Wrong
One more step...
GoDaddy is an example of what not do do on the login screen, they mean well but are still making one security mistake. You notice GoDaddy asks you to name the app you picked as your authentiocator app and most people will do as in the picture above and say "Google Authenticator" or whatever app they use. That is another security trap I personally would not fall into. Make sure to name it something other than the app you actually use because you also do not want to tell a possible hacker what program you use.
Take the security to the absolute max....
I named my Authenticator app Google Authenticator and I use a completely different program. This throws a possible hacker a false curve ball. In my case even if a roommate got access to my phone and knew my unlock code he would now have to have the unlock code to my authentification program as well but I take it even further, I have a few of them loaded on my phone and he would try the google autenticator first because it is named on my login screen but he would be completely wrong because I use a different one.
So you see, there are always ways to dramatically increase the security of your account.
You would think this is as far as security goes right?
Wrong again.....
Apply the above to your email as well and you will be secure!!!
Last edited:
