Switch to authenticator apps for better two-factor authentication – Domain Name Wire

App-based authentication is better than SMS authentication.

Google Authenticator

Google Authenticator works with registrars that use app-based two-factor authentication. Photo courtesy Google.

Two-factor authentication is a must-have to improve the security of your domain name registrar accounts. Most major domain registrars offer it now. If yours doesn’t, it’s time to change registrars.

There are two main types of two-factor authentication in use today:

1. SMS based. When you enter your username and password you receive a text message with a one-time verification code that you enter in your browser.

2. App based. After you enter your username and password you open an app to get a one-time code.

While most registrars started with an SMS approach, more are offering the app-based approach. You should consider enabling app-based authentication.

SMS authentication has a couple issues. First, they aren’t always reliable since you’re dealing with mobile phone networks. Second, people are starting to crack them.

I recently set up app-based authentication with GoDaddy and prefer it to the text messages I used to receive. The only downside is when you need to authenticate in its app; you need to go back to the authenticator app and remember the code instead of having the SMS pop up over the app.

The most popular two-factor app is Google’s Authenticator app. You can get codes for all of your accounts (GoDaddy, Uniregistry, eNom, etc) on one screen.

I hope that registrars add support for security keys soon, too.

For added security against domain theft, check if your registrar offers added security checks. If you spend enough money with GoDaddy to have an account manager, you can have them call to verify transfers before they leave your account.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s