Two-factor authentication (1.Viewing)

MapleDots

MapleDotsMapleDots is verified member.

MapleDots.ca
Community Guide
Joined
Nov 4, 2020
Topics
1,978
Posts
8,172
Likes
7,068
From
Toronto, ON
Country flag
2fa-example.jpg



I have been reading a lot about domain thefts lately and even though it is not as prominent with .ca domains I strongly advice anyone with valuable domains to use Two-factor authentication.

In fact even two-factor does not go far enough, in case you lose your phone there is still a small chance something can go wrong.


I use something called Google Authenticator, which is an app that changes the authentication code every minute and will keep your account secure if someone should try to access it.
https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en_CA&gl=US


GoDaddy is the most secure registrar I have dealt with, my account has the following...

- PIN Enabled
- Two-Factor Enabled
- Authenticator Enabled


The authenticator is very important because the domains that are getting stolen are being accessed through human error. The perpetrators collect a bunch of information on the domain holder and then they phone support saying they have no access to the account. The support team verifies personal information and grants access to the account. The thief now unlocks the domains and transfers them out.

With authenticator activated the support team will not talk to you until you give them the authenticator code. So the support team cannot be tricked by a sob story saying you lost the password.

Consider activating authenticator if you are with godaddy and ask your current register to get it if they do not have it available.


Picture0003.png
 
There is also no-factor authentication, whereby scammers just call your registrar and pretend to be you on holiday, whereby you have forgotten your password, and lost your wallet and phone, but *really* need to access your account.... could you please help?

Yes... I know my address and phone number (from the dark web).. thank you so much.
 
DomainRecap said:
There is also no-factor authentication, whereby scammers just call your registrar and pretend to be you on holiday, whereby you have forgotten your password, and lost your wallet and phone, but *really* need to access your account.... could you please help?

Yes... I know my address and phone number (from the dark web).. thank you so much.
Click to expand...


That does not work at godaddy if you have authenticator activated.

Support is not allowed to talk to you without the code. It is the first thing they ask for and if you do not have it they are not even allowed to open your file.

If you lose your phone you login on your computer, get an authenticator code and call godaddy back.

So you cannot pretend to be the person because godaddy will not open a support ticket without the code.
 
Login or Register to reply

Sponsors who contribute to keep dn.ca free for everyone.

Sponsor
CanSpace
CIRA
MapleDots
NameNinja
WHC
Donors

Sponsors who contribute to keep dn.ca free.

Members who recently read this topic: 1

Back
Top Bottom