[eze]

I was disappointed with Gandi in terms of security features. On the plus side, they allow you to disable password resets, but then this is fairly standard. On the other hand, they don't offer two-factor authentication or login notifications. Moreover, they inexplicably publish your "handle" under your whois information (as "nic-hdl"). This gives away the username, arguably making targeted attacks significantly easier.

Edit: grammar.

[scott_karana]

Who do you use for your registrar, currently? I'm not particularly happy with my local one, and a security minded one would be a refreshing change.

[eze]

I have been using Name.com for a while, and I like their approach to security. Though I must say... I once forgot my password (made it way too complicated) and in addition to a fee all it took to recover my account was to send a scan of my ID card. I think I'll write up some modest proposals for this industry. Moniker's MaxLock is too expensive and imprecise.

Boy, was that a long answer to your question!