Hope this gets to someone who may be just on the verge of choosing a registrar.
Around the 20th of June this year, I went to log onto my account with Register.com, to change a detail in the contact information, when I was asked for the user name, I input the correct one, then it asked for the password, I then realised, that I had mis-placed it, and knowing that usually the companies just send you another password by email, I just clicked on the link for when you forget the password.
Bearing in mind that ALL of the contact details for my web site were all mine and no-one else's, including the email address.
When I clicked on the link on their web site for when you forget the password, I then got a pop up message saying that
"Your user name and a link to create a
new password have been sent to
xxxxxxx@yahoo.com"
(xxxxxx substituted for the real one)
The email address above related to the person who I bought the domain name from nearly two years ago!
So in effect they were inefficiently going to give the chance to own the web site name to the previous owner!
I then decided to act pretty quickly in getting the domain name transferred to another, more efficient registrar, which I did.
After many emails that I sent them since then and many robotic replies to my emails from Register.com, I am still no nearer to getting a satisfactory answer.
Today, 1st of July, someone from the Customer service department called me to say that the whole process is automated, I then explained that in effect you are giving control of my domain name to someone else, he went quiet.
Take heed, STAY WELL AWAY FROM REGISTER.COM, go instead to :
[godaddy.com...]
[namecheap.com...]
(They are also cheaper as well).
You have been warned.
I would imagine that there's not many people who know about this loophole in their system, so try and help others by letting as many people as possible know about this.
Regards.
Doug.
So in effect they were inefficiently going to give the chance to own the web site name to the previous owner!
Without wishing to sound too harsh, you can't blame Register for your failure to update the account details - these should have been changed by you when you bought the domain from the previous owner two years ago in order to reflect your ownership of the account; it's certainly no loophole.
R.
In cases where you can't verify these e-mails for whatever reason, changes to the records require that the holder of the credit card originally used to purchase the domain contacts Register or that the Registrant contacts Register directly and resolves the issue by a series of faxes.
This being the case, it's possible that the records weren't changed as you desired as you were unable to approve the confirmation mail sent to somemail@yahoo.com and hence, you couldn't retreive the password later.
That's my take on it anyway as Register send all password reminders to the listed Admin contact. If the WHOIS is correct, there's no reason for you not to be able to access the password via their recovery route - if this is the case, there's obviously a serious problem.
R.
The owner of the Domain could not login to the Verisign account manager because the password was mailed to an address that was 5 years old and not valid. A total stranger received a letter from Verisign with the password to access all of the personal contact info for that Domain!
Fortunately, it was no good without the new, scrambled username. It required two phone calls and a fax on a corporate letterhead to fix this problem, which was created by VS taking it upon themselves to change the usernames and passwords of all their customers without the consent of those clients.
