At a glance
Migrating to TLS 1.1
From 3 November 2015, to access the Online Services website, your browser and operating system must support:
- TLS 1.1 and/or TLS 1.2
The table below shows browser compatibility based on information from the browser providers.
|Browsers||Default support for TLS 1.1 and/ or 1.2||Support available but not set as default – will require configuration changes to enable|
|Internet Explorer||From version 11||versions 8-10|
|Chrome||From version 22|
|Firefox||From version 27||versions 23-26|
|Safari||From version 7|
Keeping your Online Services account secure
Nominet is committed to boosting the security of the UK namespace, helping to protect it from attack and exploitation. We want to help you keep your Online Services account secure from unauthorised intruders.
As standard your Online Services account is secured with a password of your choosing. See below for advice about choosing a secure password.
In addition to your password, we have two optional levels of security that you can apply to your Online Services account depending on your security requirements: passphrase and Two Factor Authentication (2FA).
Both a passphrase and 2FA can be added to your account free of charge.
You can view or change your current security settings in Online Services at any time by going to ‘Login Settings’ and selecting the relevant option.
A passphrase consists of 6-16 characters and is different to your password. Once you have set up a passphrase, you will be asked for 3 random characters from it every time you log into Online Services, in addition to your email and password. See here for advice about setting a secure passphrase.
If you forget your passphrase you will need to contact Customer Services. We will take you through security questions and once we have verified your identity we will delete your passphrase. You can then reset your passphrase when you re-access your Online Services account.
Two Factor Authentication (2FA) is a two-step verification process that provides an extra layer of security to users accessing Online Services. It is achieved by combining:
- Something you know (your login and password)
- Something you have (your smartphone or another device with which you can generate a unique passcode using a free third party app such as Google Authenticator)
2FA improves Online Services account security as an intruder would have to gain access to the device where it is installed, as well as acquiring knowledge of the password/passphrase. The service reduces the risk of DNS hijacking or confidential information being compromised, and is part of a series of initiatives to enhance the security of, and trust in, UK domains.
See our 2FA User Guide for detailed information on
- How to use Two Factor Authentication in your organisation
- Instructions for setting up 2FA, logging in and adding/deleting devices
- FAQs, troubleshooting and glossary
2FA in brief
2FA is optional and available at no extra cost. It uses the Google Authenticator apps and plug-ins - which are freely available on all major platforms - to generate secure codes that will allow you access Online Services. You can install Google Authenticator on a smart phone, tablet, laptop or PC.
Once you have activated 2FA on your account you will be required to enter a 6 digit passcode every time you access Online Services, in addition to your email and password. If you previously had a passphrase set up you will not need to enter it if you are using 2FA.
How do I sign up to 2FA?
You can either follow the system prompts when you first login to Online Services or you can go to ‘Login settings’ and select ‘2FA - Add/manage devices’. The user guide explains the processes for signing up.
See here for further information on Nominet introducing 2FA.
For the UK namespace, if you require additional security for an individual domain you can apply Domain Lock which allows domain names to be locked at the registry level. This is charged at £75 p.a. per domain. This means that no changes can be made to the Domain Name System (DNS) configuration unless unlocking is explicitly requested by a pre-authorised representative through an additional authentication process.
See here for more information on Domain Lock.
It is important that you choose a secure password to protect your Online Services account:
- It should contain a minimum of 8 characters. The longer it is, the harder it is to crack
- Do not use common passwords such as ‘password’, your date of birth, pet name etc.
- Do not use a number sequence (1234) or repeated numbers (1111)
- For additional security, consider adding uppercase letters, symbols and numbers
- Use a different password for all your different accounts and never tell anyone else your password
If you use a passphrase to add security to your account you should also:
- Ensure your passphrase is between 6-16 characters long – the longer it is, the harder it is to crack it
- Use a phrase rather than a single word as this will be more difficult to crack
- Use a memorable expression you will be able to recall. For example you might choose “I love green apples” which could be entered as “ilovegreenapples”
- To make this even more secure you could change some of the letters to numbers and use a combination of upper and lower case characters: “iL0v3Gr33nAppl3s”
If you forget your Password or Passphrase or have any difficulties logging into your Online Services account you should contact Customer Services.