A domain name is one of the most valuable digital assets for any business and losing it can cause major financial damage and reputation loss. Hijacking happens thousands of times every year and in most cases the domain is not protected well enough. Domain Lock is the mechanism built to prevent this threat by blocking any important changes to the domain and only allowing them with the owner's consent.
Registrar Lock and how it works
Registrar Lock is the most basic and common type of protection and is set by the domain registrar. When the lock is on, it is impossible to transfer the domain to another registrar, change name servers or update contact data. Even if a bad actor breaks into your account, without removing the lock they cannot make any important change.
This service is usually available with all registrars and most offer it for free. Turning the lock on and off can be done only from the owner's account and often needs extra confirmation. This simple but effective approach prevents more than 90 percent of hijacking attempts.
EPP Lock and its features
EPP (Extensible Provisioning Protocol) Lock is another level of protection that is set at the registry level. This lock is stronger than Registrar Lock because it can be removed only through a special confirmation between the owner and the registry. With EPP Lock, special status codes such as serverTransferProhibited, serverUpdateProhibited and serverDeleteProhibited are placed on the domain.
This stronger protection is usually used by large companies and for expensive domains. With EPP Lock on, even a glitch in the registrar's internal system will not put the domain at risk of important changes. The service often comes at extra cost but for expensive domains it is a justified expense.
How domain hijacking happens
Domain theft can be carried out in various ways and the most common is phishing to steal the registrar account credentials. The attacker sends a fake email, gets the user to log in and steals the password. Then they log into the account and change contact data and name servers.
Another method is attacking the email of the registrar or the owner. If the email account is compromised, the attacker can also get into the registrar through password reset. That is why two-factor authentication (2FA) and a separate secure email are essential for domain protection and must work together with Domain Lock.
When the Lock should be removed
Temporarily removing Domain Lock is only needed in certain cases: transfer to a new registrar, major change in contact data or a significant update of name servers. During this time you must remember the domain is vulnerable, and right after the work is done the lock should be put back.
During transfer, when the lock is off, an EPP code (transfer authorization code) is also generated. This code is valid for 7-10 days and is given only to the real owner. After removing the lock and getting the EPP code, you should act quickly, because staying unprotected for long is dangerous.
Sayt.uz practice
On all domains registered through Sayt.uz, Registrar Lock is on by default and provided at no extra cost. EPP Lock is part of the premium protection package at 145,000 sums per year and is recommended primarily for large companies and e-commerce platforms. Last year 31 hijacking attempts were recorded and in every case Domain Lock blocked them successfully. 94 percent of clients use the lock together with 2FA, which gives the best security results. Premium package owners also get additional insurance protecting against domain theft up to 50 million sums.