GoDaddy and two-factor authentication update

Two factor authentication is a must these days; domain hijacking is rampant and cybercriminals often devise some crafty attempts to steal domains via social engineering.

Domain registrars that currently implement two-factor authentication include GoDaddy (SMS, US only), Uniregistry (Google app), (Google app) and eNom (Google app).

Currently, GoDaddy is being targeted by cybercriminals simply because of its large volume of domain registrations; unfortunately, the two-factor authentication is only available via SMS/text message to US customers.

Recently, I reached out to GoDaddy Aftermarket Product Manager, Joe Styler, who has been assisting with domain theft issues as well.

Joe Styler mentioned that two-factor authentication is coming for international customers as well.

Initially, GoDaddy planned to utilize the Google Authenticator app for that matter, but a decision was made to produce a dedicated app for this, thus keeping control of inbound and outbound data.

I think this is a smart decision as the volume of such requests would enable GoDaddy to establish proper control of customer information and its safety.

With that in mind, there is no set date that the two-factor authentication app will be made available, but I remain optimistic.

If your domain registrar supports two factor authentication, make sure you enable it.



  1. Introducing 2-factor authentication internationally is crucial for GoDaddy, inasmuch as the lack of it has been explicitly cited by customers moving their portfolios elsewhere.

    Personally I feel much more secure at GoDaddy than I ever would elsewhere – particularly at the 1 registry you know I’m referring to … whose management I now distrust completely. GoDaddy, in contrast, is quite stable and doesn’t need to use domainers as a stepping stool.

    That said, I do rely on 2-factor authentication and have a good relationship with my account rep at GoDaddy. If I were unable to use 2-factor authentication, then I would probably move. So hurry up, GoDaddy, and offer the same benefits globally!

  2. When you have a preferred account your rep will call you direct instead of using text messaging.

  3. Todd – That’s about 0.5% of all GoDaddy customers. The security measure needs to affect everyone, as in 100% of all accounts. Preferred accounts can have that extra layer, but the two way authentication must be implemented across the base.

  4. I understand that. I only mentioned it because I have talked to a few people that have a preferred account and had no clue they had this as part of their service.

  5. Well i can say the two factor at Dynadot is an absolute nightmare and just did not work when I tried a number of times, confusing and only supposedly works after an account is logged onto?? …… I gave up and will take my important names elsewhere perhaps. I found the support responses to be ill effective and I suggested they do a screenshot youtube video to show exactly how to do it ……..still waiting for that one.

  6. Introducing 2-factor authentication internationally is important, but it will not improve their international customer base. It makes sense to use Godaddy if you, as an investor, are active on their marketplace, I mean if you use actively their auction system, but you can’t use it if your domains are not in English: in that case it would be completely useless, since you can not even search domains which are in languages other than English.
    Therefore yes, 2-factor authentication will be appreciated in all countries, but it will not add customers to them, to reach that they have to solve other more important issues like the one I mentioned.
    But maybe it’s a political choice…, otherwise I can’t understand why they do not add a simple feature like domain searching based on different languages

  7. Hey everyone! Just wanted to update all the readers here that Two Factor Authentication is now available for international customers. You can read a bit more about it here:

  8. Colby – I was under the impression GoDaddy has been developing its own in-house app as an alternative to SMS texts? Has that option been abandoned?

Speak Your Mind