The Top 3 Secure Domain Name Registrars With Two-Factor Authentication

by Deepak Kanakaraju on April 9, 2014

secure domain name registrarsDomain name registration and holding is one of the most important aspects for any online business. Usually a lot of web hosting companies offer domain registration services but there are a few registrars who specialize in domain names, have wonderful security features and offer great prices.

Most domain registrars charge exorbitantly high for registration and renewal of domain names. For example, .in domain names are charged as much as $35 in many registrars and they do not offer any value added services for that price. But my recommended registrars charge only $10 – $15 per year.

One of the most important aspects for me when registering a domain name with a registrar is two-factor login / authentication which provides an additional layer of security of my domain names. Domain names are so important because the email IDs on that domain names are controlled by the MX records on the domain name.

If you have an email account online like yourname@yourdomain.com, this email ID can be controlled by anyone who steals your domain name. With email IDs, they can reset passwords for many of your online accounts. One guy lost his $50,000 @N twitter account like that. Google it.

So here is my personal recommendation if you are wondering where to register your domain names and hold it safely. If you hold your domain names somewhere else, you can transfer the domain name to one of the following registrars at great prices.

1. Name.com

name.com logoName.com has been my favorite registrar for the last 7 years. Their interface is simple, their prices are great and their support is excellent. Name.com provides 2 factor authentication through Symantecs’s ID Protection App called VIP Access. This is an app which you can install on your smart phone. You can also install it in 2 or more devices. The app generates a unique credential ID which is unique to the device.

So now this device acts like a key and the same credential ID cannot be replicated anywhere else. Against this credential ID, a security code is generated every 30 seconds.

vip access secure app

In your account with name.com, you have to enter this credential ID and save it. After you logout, you have to enter the security code every time you login into your account. But what if you lose your phone? That’s why it is recommended to have the same app in 2-3 devices. Name.com allows you to enter multiple credential IDs and you can enter the code generated by any of these devices. You can also install the app in your Mac or PC.

Name.com allows you to register a lot of special TLDs which are not available in many registrars. They also provide a DNS service which can be used as an alternative to premium DNS services like Amazon Route 53. If you have 25 domain names or more, you can become a member of their Domain Investor Club where they will send you exclusive discount coupons and codes.

2. Dynadot.com

dynadotMy second most favorite registrar is Dynadot. Their interface is clean and simple and they also offer great prices. Dynadot has its own authenticator app which you can install on your smart phone.

This app will generate security codes for your account. Usually, there is no need of security code while logging in but when you want to make important domain changes like changing the name servers, transferring the domain etc. you have to unlock your account and to do that you need the security codes.

3. NameCheap.com

namecheap logoNamecheap.com used to be my most favorite registrar but their support is not that great recently due to their “high volume of requests” so it has moved down in my list. But still it is a great registrar.

The 2 factor authentication in Namecheap.com is phone based and works with almost all the countries including India. They will send you a verification code to your mobile phone via SMS when you want to login. If the SMS is not delivered, you can select the call option and a robot will call you and voice out the security code. Namecheap offers lot of promotional codes which will give you discounts for domain renewal and registration.

The Others

I hold some of my domain names in other registrars as well. These are not important ones so I have kept them in registrars even if they do not always offer 2 factor authentication. They are:

  • Bigrock
  • Hover (Tucows)
  • GoDaddy
  • CrazyDomains

In general, it is not recommended to hold your domain names with a company which provides hosting solutions as their primary offering. That’s because these companies are not domain registrars themselves most of the time. They would have partnered with someone else to provide domain registration. You can check this out by checking this list of ICANN Accredited Registrars. If your hosting company, or even a company that claims to be a domain name registrar is not on this list, it is not recommended to register a domain name with them.

Hope you got a good idea about the secure and safe domain name registrars. My top 3 registrars are the place to hold your valuable and premium domains and get a good night’s sleep.

Disclosure: I have no affiliation with the domain name registrars that I have recommended. I am not promoting them. There are no affiliate links in this post and I don’t get anything in return for the mention. 

{ 18 comments… read them below or add one }

Andrew April 9, 2014 at 5:10 pm

I was looking for such a list. Thanks for the blogpost. Another registrar which is very safe is fabulous.com

Reply

Deepak April 9, 2014 at 5:18 pm

Thanks Andrew. Glad the info helped. Fabulous.com is a good registrar but in some countries you cannot open it.

Reply

Adam April 13, 2014 at 4:09 am

Yup, Name.com is a great straightforward registrar. They are reasonably priced and I’ve never had an issue with them.

Reply

Deepak April 13, 2014 at 7:08 am

That’s a nice comprehensive review Adam!

Reply

jeeps915 April 22, 2014 at 4:39 am

Cosmotown.com is another good registrar that offers 2FA. They’re pricing strategy is really unique, because their price actually goes down if you do longer than a 1 year registration. Along with free private whois, every year, it’s the best overall deal you can get.

https://www.cosmotown.com/#!/pricing

Reply

Deepak May 6, 2014 at 10:10 am

Worth a look. Thanks for the mention!

Reply

Jamie Finlayson June 10, 2014 at 10:48 am

Hey Deepak,

Do you have any experience with Moniker?

They actually let you lock the domain name and it can’t be transferred out unless you go through offline steps like sending copy of passport and answering specific questions you set when you buy ‘domain lock’.

So even if someone got into your account they couldn’t steal the name.

I’m just asking because Moniker are getting a little slack with some stuff at the moment, so was wondering if you knew any other registrars with this safety feature in place.

I don’t own a smartphone (yeah, I know) so the 2-step verification thing won’t work for me.

Cheers

Reply

Deepak June 10, 2014 at 8:13 pm

No I don’t have any experience with them but from the reviews that I have heard so far, they are not that great. Moreover having too much security is also not needed unless you own a domain that’s worth more than $100,000 (at least in my opinion!).

Reply

MAP September 3, 2014 at 9:50 pm

Thanks for the great article, Deepak.

I’d been pondering for weeks which registrar to go with for a new blog but you’ve helped me decide. Security is a huge concern for me so I’m glad I’ve been able to get some info from someone as well-informed as yourself.

Thanks again!

Reply

Deepak September 4, 2014 at 10:26 pm

You are welcome. I am glad it helped 🙂

Reply

cquarksnow January 30, 2015 at 10:33 pm

The issue is intra-registrar transfer. Registrars like Godaddy or Namecheap don’t have outbound push locks with 2FA, and ICANN does not impose a 60-day hold or scrutiny on intra-registrar transfers. So hijackers will first register an account with your registrar and then (possibly with the help of little friends within the registrar) take control of your domains, getting EPP in less than 2 hours, that yourself would not achieve with some, and then transfer to another registrar. If they pushed other domains that they did not transfer to another registrar, you are more likely to get them back. A 3FA on intra-registrar transfer, such as SMS or phone call might be the only serious option in this day and age…

Reply

Cheecka March 21, 2015 at 2:30 am

I’ve been using gandi.net , they have been offering 2fa since before this article was written.

Has anyone checked how secure these 2fa practice’s are. Specifically how they handle “customers” claiming to have lost access to their token. I have in the past contacted support at hosting companies and complained that I had trouble getting past the 2fa authentication so they simply removed it so I could login using username and password alone. But they never really verified who I was.

Reply

Deepak March 21, 2015 at 12:16 pm

I don’t use Gandi.net because their prices are a bit high. So far I have not seen much problems with registrars using Google’s 2FA app. There could be problems with registrars who use their own 2FA app which generates tokens.

Reply

James August 15, 2015 at 9:48 am

In my opinion and from personal experience, I would stay far away from Dynadot L.L.C.. I had my domain name STOLEN BY THEM. So please educate yourself on DOMAIN NAME INTELLECTUAL PROPERTY THEFT (DNIPT) and DOMAIN NAME FRONT RUNNING (DNFR), by visiting Antidynadot.com and click on complaints, and please read the complaints that former customers of theirs have made.

Also, if you want to validate my ongoing battle with them, the please visit the Better Business Bureau’s website to view my complaint listed. Over the next couple of years I will continue to post any other complaints that I discover, along with educating people on this unscrupulous, unethical practice of domain name misappropriation/intellectual property theft relating to DNIPT and DNFR.

I will follow their every move, and log any and all business dealings I find that they are involved in and post it on Antidynadot.com. I have discovered a few other things that the owner is involved in, and as soon as I gather more detailed information I’ll post that online too. As far as the other victims like me, that have supplied their story, thank you for all your help, I know it has damaged some of your lives in many ways.

If someone has been hurt by Dynadot L.L.C., please email me at StopDNFR@Gmail.com and I will post your complaints along with the other victims.

Reply

udhaykumar govind November 20, 2016 at 7:11 am

Hello Deepak,
I wanted a name and searched in name and dynalot. dynalot is cheaper 10.99 + 3.00 for domain privacy. so, should I opt for domain privacy and pay 13.99?
or 10.99 is enough for now. is there a promotional code or a discount available
Do you have a referral link that I can use?

Reply

Deepak Kanakaraju November 20, 2016 at 11:45 pm

I don’t think domain privacy is required. Go ahead without one.

Reply

Mehndi Design Video November 24, 2016 at 8:59 am

Sir, Thanks for such an in depth article. Recently I have started my first blog and I will definitely use all these tips you mentioned.

Reply

Serouj Baghdassarian November 29, 2016 at 8:25 pm

Godaddy is terrible.
A large scale phishing operation was done with a domain name registered on Godaddy. I reported many times and did talk to live chat support, they did not help. No security or whatsoever is important for them it seems!

Reply

Leave a Comment

{ 3 trackbacks }

Previous post:

Next post: