Since I started the internet thing, heavily, I’ve put my trust behind one registrar, that being godaddy. Why? Because they had the best setup available. I mean, 4 years ago, who could beat $8.88 domains? Nobody. Who had paypal ? Nobody. Who had automatic renewals? Nobody. This was all something new, and made Godaddy good. Well, too good it would appear.

With all this good stuff, it’s clearly obvious that something had to go wrong, and not just ONE something, but something pretty serious, AND yet another something. Not exactly greatness in the behalf of Godaddy. Let’s start with the ONE something first

Godaddy has effectively stolen (yes stolen) one of my best friend’s domains. She can not login to manage it, she can not access the control panel, and the individuals flat out refuse to help her. Why? Because , after 3 years, she can not “prove” herself. Here’s the story (as real as it gets).

Towards the end of 2002 when everything was just starting up with me, a friend of mine needed some hosting. Great, she came to me, because she knew that I was one of the best and most dedicated admin out there on the planet. After taking a look at what she needed, I suggested she go with Godaddy, as they had (currently) provided me with excellent service and support.

She registered the domain with Godaddy, and along the way made things private, due to whois abuse, etc.ÂÂ Ok, that’s fine, no worries there. Because of her making things private, it was impossible to tell who she registered it to, which, surprisingly enough made things a bit more difficult.

I should mention that when registering this, when starting this up, my friend had just lost her husband, found out that she was pregnant, HAD her child, and was looking at having to move due to the cost of being a single mother, etc… Yeah, the last thing she needed at that specific time was to have to worry about important documentation, though, she did, in fact, store it on a hard drive.

Jump forward now, 3 years later:
Due to issues with the server hosting her nameservers, I recommended she contact godaddy and have her nameservers changed. No big deal right? Well, this was last year, and she’s STILL yet to receive any “support” from these people about things. Why? Because she can’t “prove” herself.

In 3 years, she’d moved, changed banks, gotten married again, changed paypal accounts, and more. To boot, the computer she had the information saved to had been toasted, couldn’t be fixed for anything. So, she’s unable to login to godaddy.

Upon contacting Godaddy, they told her she needed the last 4 of her CC and her account number to get any information out. Yes, even though the CC was old, and, there was no way she could get it, they demanded this information. Great, now, the she’s effectively locked out of things, for good.

When trying to “send a reminder” of her login id, the system will only send it to the registered email on file. The problem here? This was back when attbi was in business and providing cable internet. Yep, the email address doesn’t work whatsoever. Great, strike two! So, this friend can neither login, NOR access her information.

After many unsuccessfull attempts, I figured I’d give things a try. After all, for 4 years, the nameservers have been pointing to servers and a domain under my control, so there’s a bit of hope there, right? Not at all. Even though, the evidence shows that the domain has been pointing tos ervers I administrate and control, the individuals still would not help out in any way, shape, or form.

Now, this friend clearly admits that she probably could have helped things out along the way, by changing her email address when it was appropriate, or updating her credit card information, but, like I said, remember, she had just lost her husband, had a kid, and was on the verge of moving. That’s a hell of a lot to deal with right there, and remembering petty things (which this is) such as logins and email changes, well, they’re at the back of the mind.

Like I said, godaddy has effectively stolen this domain, refusing to give it to individuals who have proven they have control of the dns and domain servers, and to her. They claim it’s for “security” purposes, but when it comes down to it, security has nothing to do with it. It’s all about theft.

Now, to the second event. This one was more personal as it actually involved my account, not once, but twice.

A few weeks ago, Godaddy announced a “store credit card” feature. Great, in fact, beyond great. Now, I don’t have to fish for my wallet when registering new domains, I can simply use the “store credit card” feature and it’ll automatically do things for me. Well, that was my first mistake right there.

Because I use Firefox, and have things saved off to a backup drive/partition, the setup I’m using doesn’t often ask me to enter passwords, except for my master password. Because of this, I don’t often remember the passwords I use. I have a list of about 6 or 7 I cycle through for security, all secure, using alphanumeric passwords (a mixture of letters/numbers), all around 8 or 9 characters. That’s about as secure as you need to be, or can get.

The problem with this? Godaddy has their OWN security measures which are forced on clients storing their own credit cards. Don’t get me wrong, security is good, but when it comes to security, it’s ALWAYS best left to the client to manage personal security. Since none of my passwords have caps (who needs ‘em with a mix of alpha/numeric passwords), I had to think of one. Now, since no security individual WRITES their password down (come on, that’s just insecure), I had to commit it to memory.

Since this password was a variation of passwords I’d used in the past, it wasn’t HARD to remember this. The problem? Godaddy, yet again.ÂÂ After 3 failed login attempts, Godaddy locks your account. Yes, they lock it. That’s a bit much to me. I could see locking it after 9 attempts, maybe a bit less, but 3 is just pushing it.

Not only does Godaddy lock your account, they effectively don’t tell you about your account being locked. You simply get the “invalid password” message when trying to login. It took me a half an hour to figure out that nothing was working right, and to call them. Yes, you have to “call” themÂÂ to get it unlocked. What’s worse? They have to change the password to unlock it, or send you a “change password” activation. Talk about completely retarded! Wait, there’s MORE!

When said “change password” link is clicked on, you can not use a password you’ve used in the past. Huh? So, now I have to create and memorize a new password, because of some fake “security” sense? Come on now, what’s wrong with this!!!

So, Godaddy steals domains, steals accounts without notifying individuals of it, all in the name of “security”. I’m sorry, but that’s just wrong. While I’m a security individual, and a tech, I refuse to support theft, or this kind of fraudulent attempt. There are plenty of other ways to do things here, but this is just wrong.

Who to now? I’m not sure, going to try out namecheap, have a few with domainsite, but those are getting moved off as well (they don’t auto-renew, and they have no idea what they’re doing from a business sense). If namecheap works out (and I don’t see why it wouldn’t), then I’ll keep things with them for a while.

The long and short? If something is good, don’t change it. Keep it as it is, because changing it will only cause frustration, headache, and lost business. I do about 40-50/month in business with GD. Yeah, pocket change to them, but considering the domains I add monthly, it’s pocket change that can easily add up. Not any more, though. As I get renewal notices, I’m slowly transferring everything away from those manipulative individuals, and TO someone who can actually manage my domains without the headaches caused by GD.

Anyways, just a warning. If you’re thinking of using GD, don’t. This isn’t the first horror story like this I’ve heard, and I’m sure it won’t be the last. From turning off client’s domains (due to spam/etc) to giving client’s domains away to others, I’ve heard it all. I didn’t expect to be here posting this, otherwise I would have changed much earlier, but hey, such is life. We never expect it ;).

Lata,

-=T=-