But who will protect my domain from GoDaddy?

When I first started buying domains, I used GoDaddy because someone recommended them and they had a sale. Their website was more complicated than it needed to be, and everything loaded very slowly. When I tried Namecheap next, I found out it didn’t have to be that way. Namecheap is less expensive, and offers free…

When I first started buying domains, I used GoDaddy because someone recommended them and they had a sale. Their website was more complicated than it needed to be, and everything loaded very slowly. When I tried Namecheap next, I found out it didn’t have to be that way.

Namecheap is less expensive, and offers free privacy protection with every domain purchase, transfer and renewal, and has a really nice control panel for managing domains, and a super spam filter that changes your random fake email address in who is as often as you like (up to daily). It’s all straight-forward, economical, and so far not a hint of a problem. I was content to just transfer my domains as they expired over to Namecheap, and chalk to GoDaddy experience up to lessons learned.

Until GoDaddy refused to release one of my domains. Here’s how it happened.

Last January, I registered two domains, a day apart from each other, with privacy protection. I supplied different email addresses with each of them. Later in the year, one of those email addresses became invalid, so I carefully changed it everywhere on the web I had used it. Including GoDaddy. But not including their sister company, DomainsByProxy. I didn’t realize I needed to use a separate control panel to do that, and I got no email notification about it. Interestingly, if you call GoDaddy and ask how to get in touch with DomainsByProxy, they say, “You’re talking to them – it’s the same”. But not when it comes to your customer information.

Do you know what the procedure is for changing your email with DomainsByProxy? You have to fax (on a totally unsecured line) a photo government ID with your current address along with a form to prove you’re you. Now, what’s the point of keeping your identity off WhoIs if you’re going to fax your driver’s license willynilly to whatever person at their office – assuming you don’t accidentally dial somebody else – looks at it? Does GoDaddy/DomainsByProxy take responsibility for employees who might use license numbers to rig up a sweet little identity theft scam? That’s a rhetorical question: of course they don’t.

And I’d a lot rather lose a domain than thousands of dollars due to identity theft. Add to this the problem that I don’t have a government photo ID with my current address – my state is one of those brilliant ones that just sends you a sticker when you move, instead of a whole new ID. At no point was there ever any way I could have changed my email address with DomainsByProxy without buying a passport I don’t need. And if I had bought the passport, I’d have been forced to expose it insecurely and put at risk my legal identity. And that’s my major complaint.

So the one transfer – of the domain where I never used the eventually expired email address – went through just fine. But for this one, I wasn’t receiving the email to confirm the release of the domain because it was going through the old email that DomainsByProxy had, instead of the new one that GoDaddy had had for months. I eventually managed to log in to my DomainsByProxy account using the email address on the domain that did transfer, and turn off privacy for the domain, which eliminated that problem.

But in making that change, I triggered another little security feature GoDaddy employs to prevent you from transferring your domain away from them terrorists from stealing your domain: you can’t transfer a domain if any changes have been made to it within the last 60 days.

Excuse me? It’s my domain. GoDaddy is satisfied that I’m me on the one domain. But they’re going to “protect” my other domain from myself? And is there a human being in the entire company who can override this system when it’s so obviously not needed in a particular case? No. And if I let the domain expire with GoDaddy, they have something where they keep your domain name reserved 60 days after expiration, so you can’t just buy the domain through some other company. That’s interesting, isn’t it? Reminds me of… oh, I don’t know. Squatting?

The one domain is happily transferred to Namecheap, where it’s privacy protected for free and already the spam has stopped overnight. But I was forced to renew the other domain with GoDaddy, all because in their alleged obsession with security, they provide no secure way for a customer to change email addresses. Could they give me a discount? Oh, hell, no. Naturally, even though I paid for a year, I will be transferring the domain to Namecheap as soon as GoDaddy’s craptastic system allows. This morning, of course, I got an email thanking me for being a loyal customer and offering me a discount on any domain renewals.

I promised GoDaddy’s customer service reps some bad publicity, and here it is. Do yourself a favor. When a company tells you everything they’re doing is for your security and everybody does this, then offers you nothing but insecure ways to make changes, don’t buy the hype. There’s something else going on there. When I first started out, I bought 3 domains through the hosts I hosted them with, having no idea you could do it all separately. When I transferred those domains to Namecheap, I had no problems. Every domain I’ve ever transferred from GoDaddy has been a hassle – and never quite the same hassle – they define so many things as problems that it’s easy for them to “deny” transfer requests.

This is not something all registrars do, and I don’t believe for a second it’s for my security. It’s just GoDaddy. Don’t let them tell you any different.

UPDATE: April 5, 2006. Now that their 60-day squatting period is over, I’m trying once again to transfer it. Everything is properly set up and it’s supposedly pending, except… it’s not happening. When I go to their control panel, it says they need a confirmation email I’ve already sent, and that the domain is being “updated” and can’t be modified. When I go to my Namecheap control panel, it just says the transfer has been initiated and nothing’s wrong so far.

UPDATE #2:  April 11, 2006. A representative from GoDaddy contacted me privately after my latest article on my troubled domain transfer. Since then, my domain has been transferred, and my PayPal account credited with the amount of the last renewal I was forced to order, or risk losing the domain. While that doesn’t help customers who don’t have a blog on which to air their troubles with online vendors, the representative has asked for any information I can give that might help her research what went wrong, so perhaps she’ll be able to do something that leads to improvement.

UPDATE #3: Jaunary 2012. Still getting comments indicating GoDaddy has not improved. This is very unfortunate. Pass the word!

Last Updated:

June 16, 2025

More Like This

Leave a Reply

Your email address will not be published. Required fields are marked *

17 Comments

  1. That’s terrible. I thought I was having problems with Registerfly.com but I’m glad I dodged GoDaddy.com – I wasn’t impressed with them because they said that they accepted PayPal, yeah, with a credit card. Reason #43959858 why I use PayPal – I don’t have a credit card. I switched over to NameCheap too – and so far I’ve not had ANY problem with them.

    Sorry to hear about the trouble with GoDaddy… hopefully others will read what you’ve said and avoid them!

  2. The whole point of PayPal is to avoid using a credit card – whether for security or because you don’t have one. Glad to hear you’re enjoying Namecheap, too – so far, I’ve heard nothing but good things about them.

  3. I’m having the same problem at the moment trying to update changes to email addresses.

    I replied to their ungodly request of a government ID JUST to change an email address. I said “who do you think you are? The FBI?”

    I’m currently in Australia and refuse to fax over my passport information to this company for everyone to see.

    so the frustration for me begins!

  4. I agree with you. I’m having problems with GoDaddy too, now I have a domain that is stuck for one year.

    Namecheap is so much better.

  5. godaddy sucks big time. they lock up your domain once someone complaints even if there was no valid reason for the complain and holds you hostage. if you don’t want to lose your domains and be at their mercy, stay away from Godaddy!

  6. Im with a non profit group, we have only a checking account. Our account was initially set up by a member using her credit card, I had changed to our team checking account. Our domain renewal for 2 years went through no problem, now I was told that the web account is expiring and the payment did not go through. After being on the phone for 45 minutes going over the account info/my info/web info etc… I checked with the bank to verify everything was okay.. and it was. So called back Godaddy and then was told to call some 3rd party who processes the payments and tell them to put us on a VIP list, since they’ve already used this checking account for prevoius purchase 2 months ago… should not be a big deal WRONG… the “3rd party” after giving them all my info over the phone from my license number to bank/ and last 4 digits of social they tell me that it wont get past their fraud checking and I need to find another way to pay. Call godaddy back, find out I CANT even mail them a check… only suggestion they have is to use my personal credit card for transaction… I DONT WANT TO SUBJECT MY PERSONAL! I tell them I want a refund for my domain payment, which they inform me that is nonrefundable. I am not a ‘webhosting’ savvy person at all… we have a friends son who edits our stuff for free, I dont know what I can and cant do and with what Im reading about the complaints against godaddy seems I will probably lose our domain name unless I stay with them and use my personal accounts. I know, my complaint probably seems pett and Im rambling… but I am sooo pissed I needed to vent! NO GODADDY… when I learn how to change to somewhere else we are GONE. Glad you have this site, now I can research where to go when I get to leave them!! =O

  7. Stacy, no it’s not petty at all. What they’re doing is just not right – they’re just trying to strongarm people into leaving their domains with GoDaddy, and I consider it about the same as locking the door to keep people inside a department store and telling them they’ll be allowed to leave just as soon as they buy something.

    I’m not sure what options to suggest for you. It might be worth talking to a lawyer – most of them are not too “up” on web stuff, but if you can find one who gets your situation, they might talk to you for free and make some DIY suggestions that won’t cost you anything.

  8. can any one tell me, on godaddy auctions, why my domain is for sale on a limited period..?whats the use of such auction?

  9. Pingback: Q&A: How to turn on privacy protection for my domain on godaddy? | MoSo Web Hosting
  10. I know this is an old thread, but the GoDaddy/Domains by Proxy “magic” goes on.

    I am still going through a similar dilemma. I could scream!!! I have wasted nearly 5 days–so far– trying to transfer a single domain from GoDaddy to another registrar. This domain, sadly, has Privacy attached (through GoDaddy’s alter ego, Domains by Proxy–DBP). As long as Privacy is “on” a transfer cannot take place.

    Now, here’s the problem: When the previous registrar, Registerfly went out of business, this domain was automatically transferred to GoDaddy. I don’t remember exactly at what point the Privacy feature was attached. From many complaints I have recently been reading, one year of Privacy may have been offered for free. As I said I don’t remember now what the circumstances were. But here’s the rub: When Privacy was established with Domains by Proxy, I was never sent any information about an account number or password for that part of my account. Since I never received it, I assumed that it was the same login information and account number as my GoDaddy account. Man, was I wrong!!!!

    What a slick bunch of operators these psychopaths are! They are masters of making you jumpt through multiple serial hoops in order to wear you down so you don’t transfer out of their little piece of HELL.

    Now that I want to transfer my domain, I need to turn off Privacy. In order to turn off Privacy, I need to know my DBP account number and password. Since I was never given an account # and password for the DBP aspect of my domain account, I have no way to enter the DBP account to turn off Privacy. If you fill in a form to request the account number, the information never is sent or never arrives. So then you have to fill out a new form to change or advise of the email address on the account and then maybe, maybe they’ll send you the needed info.

    So what’s a gal (sucker) to do? DBP has a web form where you can fill in a bunch of information and attach a photo ID (I sent my passport since my driver’s license is currently expired) and they will presumably send you your account number and login info. I dutifully filled it in. Well, today I received their reply. And guess what, they need me to do ONE MORE THING.

    Since this domain name uses the name of my business and not my personal name, they now need me to send them proof that this business name exists. This name is a DBA (doing business as) name, but not officially. I have never registered it with my town because it’s such a small and inconsequential business.

    In order to give them proof of the name, I need to go to my town office and pay them $40 and fill out a bunch of forms and possibly incur the wrath of the town zoning board. All to please GoDaddy/DBP’s bottomless pit of evil.

    Here’s what they want now:
    A Request For Email Update form was received for XXX.COM. We acknowledge receipt of the photo ID. However, to process this request we require a copy of government-issued business ID for the company listed as the current account holder.

    Acceptable forms of government-issued business ID include:

    • A copy of a government-issued business license from a local, county, state or federal agency
    • ‘Doing Business As’ documentation
    • Fictitious Name documentation
    • Tax certificate documentation issued by the IRS (sending the EIN number alone is insufficient)
    • IRS 501(c)3 or 147 (c) Determination Letter – you may request a copy of this letter by contacting the IRS at 1.800.829.4933
    • State issued certificate of tax exemption showing charitable status

    Note: Articles of incorporation/organization, employment applications, documents printed from the Internet, and/or tax returns will NOT be accepted as government-issued business ID.

    Please reply directly to this email and attach a scanned or digital photo of the required documentation to it.

    And one other thing. We want your first born! I could kill. These people should be marched out of town and strung up. It is sign of the breakdown of our justice system and rot in our culture that criminals like this can continue to prey on the public for years.

    And in reading one of the posts in this thread, I am reminded that several years ago, right after renewing several domains online with GD, I found several mysterious (and large) debits on my local bank debit card. Totalled about $3,000. Fortunately, my bank got on it and recovered the money. The theory at the time was that “someone” must have “broken in” on the “line” and stole my identity. Knowing GD as I do now, we might not have to look very far to find the culprit,

  11. THANK YOU. I HATE GD. I’ve been with them since 2011, but now that they are FORCING me to turn over my ID to them in order to get back into MY account, I am terrified. They can do this? REQUIRING copy of VERY private and personal document, even encouraging you to EMAIL it? HUH they don’t know how dangerous this is. HOW can they be allowed to get away with this?