|
|
|
|
|
|
by nikolay
1016 days ago
|
|
|
Namecheap is one of the worst. I keep saying here how I managed to persuade a rep to remove my MFA over chat and they didn't do proper auth. Look at NameBright - cheap and has a great new beta interface and it has an API as well. |
|
|
The MFA is a joke. I recovered a client's MFA myself with almost no effort. It worked out since didn't properly set up MFA anyway and needed to get it unlocked and set up correctly, but I was shocked how easy it was to pretend to be someone with them. They disabled someone else's MFA with only me confirming a DNS record (which i looked up publicly using dig), plus the name and password of the account. It was scary easy.
At one point many years back they decided to stop supporting Authy as their MFA provider and tried to move everyone to their namecheap app, which would be used as a second factor. But the app was so terribly broken and I got locked out of my account multiple times because the app would crash on newer iPhones for a while, so I couldn't access my account. This must have been super common because they disabled MFA for me by just confirming a code sent to my phone. I assume this was a widespread problem and they might have eased up MFA deactivation rules for a time since there were probably a lot of people locked out of accounts.
Luckily now, they use mainstream 2FA codes, so you can use any app you want. But the process has already scarred me.
Overall, Namecheap has deteriorated to all the problems that Godaddy orginally had. The bait-and-switch renewal prices, clunky UI, slower nameservers, and upsells upsells everywhere for email hosting and everything else.
So after about 15 years of namecheap, I will be finding a new home sometime this year for all my domains.