[CharlesW]

I think there are good reasons to avoid GoDaddy, but do HN-ers feel like there are registrars whose employees would never fall for social engineering techniques, or whose systems and/or processes make such a scenario far less likely?

[toast0]

If it's really important, you need a registrar and a registry with a Registry Lock program. With this in place, when you want to make a change, you notify the registrar, who notifies the registry, who carries out the authentication procedure and, if successful, allows the domain to be changed, then relocks.

Note that the registry may only be available to do unlock procedures for limited hours, usually business hours in their locale; that might be inconvenient if it's not your locale.

My understanding is Cloudflare can do registry locks, but does not offer registrar services standalone. Corporate oriented registrars like CSC and MarkMonitor offer it. I don't have experience eith CSC, but MarkMonitor had a pretty high minimum spend (I think 10k/year) to get on their platform circa 2013; that may have changed, also they're now owner by a VC firm, just FYI.

NetworkSolutions (boo hiss), rolled out a registry lock feature after a high profile hijacking which was why my employer had me work with MarkMonitor.

[tmpz22]

Companies with better established security infrastructure like AWS and Google make for better registrars in my opinion. They're not perfect, for example with Google you might lose your domains due to a youtube infraction. Actually, now that I think about it strike Google from the list, just AWS really.

[n42]

I would love to use AWS's registrar exclusively for anything I host there, but unfortunately they have a pretty limited selection of TLDs. it's more important to me that all my domains are in one place so I can review them at once. I really wish they would support more.

[tmpz22]

If "viewing all at once" in a single UI is more important then security, reliability, etc., you don't have many constraints to begin with.

[n42]

a domain registrar has three functions:

1. configure my nameservers and whois info.

2. pay my bills.

3. prevent other people from taking over my domain.

I can see how AWS would give you more confidence in #3.

considering AWS is just reselling Gandi, I would love to hear how AWS (or any registrar) can be more reliable than another :)

[tootie]

AWS because they don't have customer service.

[hombre_fatal]

Not so fast. Six or so years ago someone reset the password on my account from the retail site's live chat because they knew info found in a whois.

Thankfully I only used that account for some retail purchases.

[malux85]

What? Yes they do. There’s even premium support options for a few k a month you can have dedicated and responsive support

And if you can’t afford a few k a month for a dedicated support person for your infra, then you aren’t worth supporting - I.e. go to godaddy

The market kind of helps optimise this.