Namecheap has recently come under fire

This post entitled “Namecheap still doesn’t support 2FA in 2017” has attracted a lot of attention recently.

It made my blood boil because there really, really is no excuse for it.

Asking the question

Netregistry is one of Australia’s larger suppliers of domains. They’ve consumed a lot of smaller companies and if you have a .com.au domain, there is a reasonable chance you are using them even if you don’t know it.

I went and logged in to check my MFA, was surprised I didn’t already have it running, and ended up looking for where to do so.

Eventually I logged a support case, adament it was probably a case of me not looking hard enough. When that case never got a response, I opened a live chat. I’ll let it speak for itself.

We are all guilty

There is an ongoing theme in the security community. You complain about something being bad. You write a blog telling people how bad it is.

Then you sit around and lament the badness.

I’m not going to start a Twitter campaign. I’m just going to vote with my feet. My domains are being transferred.

Amazon of course, fully supports MFA. Unfortunately, I have a few more days until I can move the last of my domains, Get Cryptolocker, due to ICANN’s new 60 day policy.

Netregistry - no MFA support, no shits given

Unlike Namecheap, which at least apparently support SMS, Netregistry don’t support anything..

Fortunately, they seem completely unconcerned about people going elsewhere: