I have been using Porkbun for domain name registration until now, but I wanted to move to a European registrar. When I registered a domain, I received this email. Is it normal?. If not what registrar do you use? I have filled in my name and address while registering an account and have 2fa on. It’s an id verifier app.
The app https://apps.apple.com/us/app/infomaniak-kcheck/id1500022928
To infomaniaks credit they gave me a refund instantly when i asked.
Yes, this is normal. The alternative is having your domain stolen and held ransom by someone who pretends to be you. Usually they do have an alternative method though, using some other 2fa like a yubikey.
This is absolutely not normal.
While 2FA is normal, there are multiple ways to 2FA. I’ve never heard of having to install their own proprietary app on a phone just to use an authenticator token.
Don’t think it’s 2fa. Its id verification.
Screenshot of the app store screenshots.
This looks like a dream target for hackers. Imagine all the data you could find here. If there ever was a single point of failure, this is it.
Well, that’s all kinds of wrong.
It can be normal depending on the tld you chose. There are territorial tld’s that are restricted to, eg, residents.
It’s not a country tld so don’t think it’s that.
Not really. 2FA or other “strong” authentification for requesting the auth-code is common.
The receiving registrar doesn’t care at all.
Likely the only check there is, is fraud protection and that is them protecting themself against payment frauds and not you/the domain.
There are independent apps for that where you can link all your accounts.
Others have pointed out the app is for identification which makes sense to have an app to secure the exchange, but a lot of them don’t request identification in most cases.
Many services do that. However, very few make it the only 2fa allowed.