Markmonitor runs a registrar popular with fortune 500s that implements additional security steps, and talking to a clued in live human in the loop to modify anything in your domain record. On Mon, Feb 25, 2019, 6:03 PM <valdis.kletnieks@vt.edu> wrote:
On Mon, 25 Feb 2019 18:23:44 -0700, Paul Ebersman said:
Agreed. But this also gets down to the risk vs hassle tradeoff. Joe's Bait & Tackle Shop probably isn't getting attacked by nation states who can hack SS7, so SMS text might be good enough. And certainly better than just an 8 char plain text password.
So what registries/registrars are supporting 2FA that's better than SMS? Or since 98% of domain names are Bait&Tackle type, is nobody bothering to support something for the 2% that could use it?
Or is there a business opportunity lurking here? :)