Two-factor authentication at GoDaddy.
With GoDaddy now offering two-factor authentication worldwide, there is no excuse not to enable it.
Domains can be stolen using the usual phishing technique, or via social engineering.
Just in case you need additional motivation, here’s some food for thought.
Yesterday, a domain investor lost control of three valuable dictionary domains – Freaked.com, Afraid.net and Died.org – after he fell prey to a phishing attack.
Without two-factor authentication enabled, the perpetrator gained access to his account.
After reporting the incident, GoDaddy locked down the domains, making them impossible to be transferred out, but not before the thief had moved them to a new account with fake WHOIS info.
For the record, the email used by the thief was ktmj8ddw@gmail.com – a purely random string, apparently used in order to avoid detection.
Many thanks to Joe Styler of GoDaddy for handling this case as an emergency; the domains are back in the possession of their owner after less than 24 hours.
