When managing a domain name, keeping it secure is just as important as maintaining its visibility. A domain lock is one key tool to protect a domain from unauthorised activity.
This article will explain what a domain lock is, why it’s essential for domain security, how it works, and when to unlock it, especially during domain transfers. It will also cover different types of domain locks, how they protect against hijacking, and best practices for managing them effectively.
Understanding Domain Lock Protection
A domain lock is a security feature placed on a domain name by a registrar to prevent unauthorised actions. It ensures that the domain cannot be transferred to another registrar or altered without explicit permission from the domain owner. Governed by ICANN (Internet Corporation for Assigned Names and Numbers) policies, domain locks are designed to add a layer of protection during domain management, especially for those vulnerable to phishing attacks or domain hijacking attempts.
This lock safeguards by disallowing certain actions, such as transferring the domain, modifying DNS settings, or updating contact details in the WHOIS database without verification.
Why Domain Locks Are Essential for Security
Domains are valuable digital assets, and they are targets for unauthorised access. A domain lock protects your domain from being moved away from your control without your permission. Even if someone obtains your domain’s EPP code, the transfer will fail if the domain is locked. This protects against unauthorised transfers, fraud, or malicious takeovers.
Using a domain lock also helps prevent unwanted changes to your domain, such as DNS edits or registrant changes made by someone who gains temporary access to your account. For businesses, this can prevent downtime, data loss, or brand damage that might occur if someone tampers with domain configurations.
Different Types of Domain Locks Explained
Registrar Lock: This lock prevents the domain from being transferred to another registrar without being manually unlocked. It is the standard lock applied to most domains by default and is critical in stopping unauthorised domain transfers.
Update Lock: This lock blocks changes to your domain’s contact information, such as the registrant’s name, organization, or email address. It is beneficial for avoiding automatic 60-day transfer restrictions triggered by contact changes.
Legal Lock: This lock is applied during legal disputes, investigations, or court orders. It keeps the domain frozen to prevent changes until the issue is resolved. Not all registrars offer this lock, but it’s essential for high-value domains under legal review.
Depending on your registrar’s settings, these domain locks can work independently or together. Using them correctly helps lock your domain against unauthorised actions and strengthens overall security.
How Domain Lock Works and How to Activate It
Once a new domain registration is completed, most registrars automatically lock the domain as part of their default security protocol. This lock status can be viewed and managed through your registrar’s domain management dashboard. To activate the lock, domain owners typically click the domain in their dashboard and enable the lock setting if it’s inactive.
When a domain is locked, its status is set to “Transfer Prohibited,” signalling that it cannot be moved until the lock is lifted. Registrars use this mechanism in conjunction with account protections like two-factor authentication and password reset verification to maintain high security.
When to Unlock Your Domain for Transfers
You may need to unlock your domain, most commonly when you want to transfer your domain to another registrar. In this case, you’ll need to remove the registrar lock and obtain the EPP code, a transfer authorisation code used to validate the change.
Once unlocked, the domain becomes eligible for transfer, but acting quickly is essential. Domains left in an unlocked state are more vulnerable to unauthorised transfers, so it’s best to complete the process and reapply the lock immediately afterwards. Most registrars allow you to unlock a domain temporarily and submit a transfer without losing ownership or access.
Domain Lock vs. Registrar Lock: Key Differences
Although often used interchangeably, “domain lock” is a broader term, while registrar lock refers to a specific type of protection that prevents domain transfers. Not all registrar locks are domain locks.
For example, if your registrar offers a 60-day lock after specific changes to your contact information, that is an update lock, not a registrar lock. Understanding these distinctions helps you manage your domain properly and know which lock applies in which situation.
Common Issues With Domain Locks and Troubleshooting
Sometimes, users experience issues when attempting to transfer a domain to another registrar, only to find that their domain is still locked. Other complications arise from the 60 days ICANN lock, which is automatically applied after significant changes are made to the registrant’s name, organization, or email address. During this time, you cannot transfer the domain, even if you unlock it, because of ICANN’s transfer policy.
To avoid this, ensure all changes to your domain or contact info are finalized before initiating a transfer. If you’re unsure why a transfer isn’t working, check your domain’s lock status, review any recent changes, and verify with your registrar whether the 60-day COR lock has been triggered.
Conclusion
A domain lock is more than a technical setting; it’s a critical layer of protection against unauthorized transfers and modifications. It plays a vital role in securing your domain name, preventing fraud, and giving you control over when and how your domain is transferred. You ensure your domain stays in your hands by understanding the different types of domain locks, when to unlock your domain, and how to manage these settings effectively.