Kudos to ccTLD Registries for Taking Measures to Improve Security

When I first wrote about Domain Registry Locking over a year and a half ago, Verisign was the only Registry offering a true Registry Lock Service. Of course, not long after, Neustar announced their Registry Lock Service too.

Recently however, a number of ccTLD Registries have also adopted Registry Locking programs including .AF, .CX, .GS, .GY, .KI, .NF, .NL., .PR and .TL.

A domain that is set to a Registry Lock status can not be updated using automated commands and an offline security protocol must be completed before the domain can be modified in any way. Domains that are set to a Registry Lock status may or may not be identifiable by their Whois records.

Registry Locked domains are impervious to hijackings, erroneous name server updates and social engineering attacks.

Because of the protections afforded by Registry Locking, any domain that is mission critical should be Registry Locked whenever possible.