Account security

At a glance

  • As standard your Online Services account is secured with a password of your choosing
  • Two-Factor Authentication offers additional security levels
  • For the UK namespace, individual domains can also be given an additional level of security with Domain Lock

Migrating to TLS 1.1

From 3 November 2015, to access the Online Services website, your browser and operating system must support:

  • TLS 1.1 and/or TLS 1.2

The table below shows browser compatibility based on information from the browser providers.

BrowsersDefault support for TLS 1.1 and/ or 1.2Support available but not set as default – will require configuration changes to enable
Internet ExplorerFrom version 11versions 8-10
ChromeFrom version 22 
FirefoxFrom version 27versions 23-26
SafariFrom version 7 

Keeping your Online Services account secure

Nominet is committed to boosting the security of the UK namespace, helping to protect it from attack and exploitation. We want to help you keep your Online Services account secure from unauthorised intruders. 2FA is mandatory for all registrars using Online Services

2FA improves security as an intruder would need to have access to the device where it is installed, as well as know the account password. This increased security will help reduce the risk of DNS hijacking or confidential information being compromised.

You can view or change your current security settings in Online Services at any time by going to ‘Login Settings’ and selecting the relevant option.

Two-Factor Authentication

Two-Factor Authentication (2FA) is mandatory for all registrars accessing Online Services.

2FA is free and Nominet has used RFC 6238 for implementing 2FA which is based on time based passcodes. Google Authenticator is widely used and recommended by Nominet. Another frequently used application is Authy apps. 

See our Two-Factor Authentication User Guide for detailed information on:

  • Setting up 2FA on Google Authenticator, logging in and adding/deleting devices
  • FAQs
  • Troubleshooting
  • Glossary

Domain Lock

For the UK namespace, if you require additional security for an individual domain you can apply Domain Lock which allows domain names to be locked at the registry level. This is charged at £75 p.a. per domain. This means that no changes can be made to the Domain Name System (DNS) configuration unless unlocking is explicitly requested by a pre-authorised representative through an additional authentication process.

See here for more information on Domain Lock.

Setting a strong password 

It is important that you choose a secure password to protect your Online Services account:

  • It should contain a minimum of 8 characters.  The longer it is, the harder it is to crack
  • Do not use common passwords such as ‘password’, your date of birth, pet name etc.
  • Do not use a number sequence (1234) or repeated numbers (1111)
  • For additional security, consider adding uppercase letters, symbols and numbers
  • Use a different password for all your different accounts and never tell anyone else your password

Help

If you forget your Password or have any difficulties logging into your Online Services account you should contact Customer Services.