Namecheap FINALLY have secure 2FA

Namecheap FINALLY have secure 2FA

I have a bit of a love hate relationship with Namecheap.

I have used them for years and years because they offer the best interface for traditional domain name management. They are not perfect, and there are a number of issues with their tooling but sadly no-one else does any better.

There are some registrars that try and do everything, but do nothing well. Others try and make things look cool.. but do nothing well.

The price you pay for Namecheap's better product is higher registration and renewal prices. Not 'loads' higher (although $1 more on a $9 sale is more than 10%), but sufficiently higher that if you owned thousands of domain names it would be noticeable.

I did have a pretty bad experience with Namecheap once. They nearly lost one of my domain names, and they engaged in some (arguably) underhanded tactics to resolve the situation. That said, as above, they still offer the best overall package.

One thing however that always annoyed me was their lack of secure 2 Factor Authentication. They only offered 2FA whereby they would send you a text message with a one use code. As we know that is not particularly secure.

I requested 2FA using Authy a number of years ago. Many, many other people did too on Twitter, Hacker News, and Namecheap's knowledgbase. The response was always "coming soon", "we have it on the list" etc. Given this I found the way that Namecheap announced it a little antagonistic. In an email entitled "Back to basics" they state "You asked for a better Two-Factor Authentication system and we listened!"

Namecheap 2FA Announcement

That is not really what happened. They ignored the request for years and years before finally succumbing to the pressure.

I have seen a number of blog posts that state that Namecheap had to rebuild significant infrastructure prior to being able to implement it. OK, fair enough. Why did they not just say that?

To be fair, their new 2FA offering does work well. It is nice to have additional security, and I am obviously going to continue to use Namecheap. I just do not understand why companies are not up front about what they are doing and why.

If you offer a good product, customers will be loyal. Simple.

Namecheap 2FA Tweet


Thomas Clowes

Thomas Clowes

I am a 28 year old software engineer from the United Kingdom. During the day I build multi platform applications. In my spare time I eat food and run marathons. Sometimes I write angry tweets.