Like many other people I own several domain names, and use the free version of google apps to manage the e‑mail for them. A few months ago I read a tale of woe by Naoki Hiroshima, who had lost control of his valuable @N twitter username thanks to a domain name theft.
Naoki had done everything reasonable that I had done, using 2 factor (or 2‑step) authentication for all his major services, including his google account. Unfortunately his domain registrar hadn’t offered 2 factor authentication, and this weak point in the chain was all that was needed for an attacker to take control of a large number of his accounts. I realised I would be vulnerable to the same attack, and immediately resolved to take action.
What was required was a domain registrar with 2 step authentication. The quality of their DNS system didn’t interest me as I already use Route 53 for DNS, and amazon web services do include 2 factor authentication. However, I do have several .co.uk domains which many US registrars don’t seem to offer, at least not with official support. Then I heard that amazon were offering domain registration themselves (via a partnership with an existing registrar). Their prices are very competitive with my former registrar (123-Reg), they already provide my actual DNS service, and of course they have the all important 2 factor authentication. Migration took a matter of hours. .com and .org domains cost $12 to transfer but this included a year extension which is good value just for a renewal price.
In summary — if you have you own google apps with your own domain name, make sure your domain registrar s secure with 2 factor auth. If they aren’t — consider moving!
“Hi James I realise it has been a long while, but I just checked this on windows 11 (build 23H2)…”