Comment by Operyl
6 years ago
They never had a real "no bullshit" policy. When I had my domains with them, I had been asked to verify my identity 34 times in 12 months. 34 separate fucking times. Because "ICANN says so" or some stupid shit (their words, not mine). It stopped the moment I moved to Google Domains, where they asked once and never again.
EDIT: And, to make things worse, each time I was threatened with the "confiscation" of my domain, and the round trip on the tickets was so high that each instance took 2-3 days to resolve. Frustrating as hell.
Since you're giving a anecdote, let me do the same. I have about 30-40 domains with Gandi, and have been using it for about ten years. I don't remember ever verifying my identity, but guess I most have done it at least once. I have not been asked to verify anything for at least the last five years of using it.
Disclaimer: I don't work there or have any relationship, except I'm a happy customer
It was a matter of them refusing to keep my identity on file, and the threatening tone of each ticket. It grew tiresome quickly.
Sounds more like a bug than anything. Why would they want to not make it easier for you if they can?
Seems you missed my point though. Both of our anecdotes doesn't really say anything, in terms of if Gandi is good or bad.
3 replies →
Same, I've been using Gandi for DNS and email for 9 years, without any issue or request on their side.
On the other hand, i've started using them more for DNS because the one time I forgot my password (typo in password manager I think) they made it very difficult for me to reset it, asked for pieces of ID, phone number registered in my name etc...
This is at the time of the stories of other registrars giving customer second and third chances to guess their PIN, or credit card or whatever mechanism they had, and resulting in domain hijacking.
> asked for pieces of ID
This is annoying for everyone but the adversary who can just spend $50 to buy a set of fake ids with your info.
Especially since Gandi doesn’t store your old IDs, they aren’t even going to check if the info on the fakes matches the ones you provided previously.
> phone number registered in my name
I can’t imagine this working very well, just give them a number from a country where they can’t verify who owns the number.
>They never had a real "no bullshit" policy. When I had my domains with them, I had been asked to verify my identity 34 times in 12 months. 34 separate fucking times. Because "ICANN says so" or some stupid shit (their words, not mine).
Can you elaborate what the "verification" entails? There is an ICANN requirement[1] to validate whois information, although I've only been asked to validate email (at another registar, not ghandi).
[1] https://www.icann.org/resources/pages/approved-with-specs-20...
Wanted photos of passports, but they would always reject the first one for an unknown reason. The second one would always go through, but I do not understand why they wouldn’t just keep it on file. It was more than twice a months usually, and that was absurd.
Jeez. Like most experiences I suppose, it's hit and miss. They've promptly resolved every problem I've had and I've bought plenty of domains through them.
They're still my go-to provider.
Gandi was deploying the ID verification as a bullying tactic long before anything like that was mandated by ICANN. (Not that ID verification is even mandated now)