[guitarbill]

Agreed, there was a big issue with the communication about 2FA. And then the proprietary app was rolled out, in what seemed more like a checkbox ticking exercise. At that point I also migrated and haven't looked back.

Why a checkbox ticking exercise? Even the Oct 2018 post by the CEO [1] says "[...] our proprietary app, was not well-received by many of you and did not serve you in the way many of you preferred to use 2FA." Apart from being such bullshit corpo speak, how was one single second factor device per person sufficient for critical infrastructure? What was I supposed to do, buy two phones? If a place is so clueless about 2FA, run. You can almost be sure they don't use 2FA internally.

(While I'm here, allow me to name and shame Patreon, who used to support TOTP, but removed that option and now only have SMS [2])

[1] https://www.namecheap.com/blog/true-totp-2fa-and-u2f-are-com...

[2] https://support.patreon.com/hc/en-us/articles/206538086-How-...

[NamecheapCEO]

No excuses, you're right, we made a bad decision then and losing customers like you was the consequence of that. I apologize for that and any other negative experiences you may have had with us due to this.

[guitarbill]

I do respect you for stepping up here, and my experience with Namecheap was very good (barring 2FA). I guess it comes down to trust, which is hard to gauge.

The other thing that would stop me from returning to or recommending Namecheap is GDPR compliance, or lack thereof. While I don't expect you to fight ICANN, it's a blocker. (Obviously, not many registrars offering compliance at the moment...)

[NamecheapCEO]

While we still have some gaps around GDPR we have active workstreams to close them. We've also rolled out free privacy protection to all of our customers, not just those in the EU. I can also say that we've always been extremely careful with sharing any customer data with third parties even before GDPR came into the conversation. Customer privacy is not something I believe should ever be compromised on. While we've made some dumb decisions, I can assure you it was always well intended. Even our previous lack of speed to fixes was due to us making a conscious decision to go back and rebuild our entire infrastructure and code base so that we can be more flexible and agile in the future. It was a hard sacrifice to make and it affected our customers negatively but I believe it will lead to a better future with what we'll be able to deliver to our customers in terms of effectively and seamlessly solving their problems. Hopefully you'll come back some time in the future and you can judge us by our actions and what we are building and delivering and not just my words.