Internet Privacy

Authy based 2-Factor Authentication Is Coming!

In today’s world we live so much of our lives online. We stay in contact with our friends. We shop online. We manage our finances online. And we run our businesses online. The security of our online world is of utmost importance to us, as individuals and as business owners.

At Namecheap, your security is hugely important to us. We want you to be able to experience the full breadth of the Internet securely and seamlessly. Which is why it has been a huge frustration to us here at Namecheap that we have only had 2-Factor Authentication via SMS and have not yet been able to deliver more secure 2FA to you.  I know that we’ve been promising that it’s coming for some time now.

Now, it is coming.

Over the past two and half years we have been doing the painful, yet vital, work to build a new technology platform that will enable us to bring new products and features to market much more quickly.

It will enable us to continuously adapt to your feedback about what you want and what you need: living up to our commitment to put our customers first. Prior to this, we’ve been operating on a technology system that was built from our birth 17 years ago. Our desire to deliver 2FA became victim to the limitations of this legacy platform.

We have offered 2FA via SMS. And we know that there are some limitations to that approach. We know that we have to do better.

We made the difficult decision to pause all new integrations and features until we could build and deliver a new platform that would set our technology development free. Finally, we are approaching the end of that process.

2FA was the most urgent priority that had to be sidelined while we built that capability. It is now first in the queue to be addressed. As CEO of Namecheap, I give you my commitment that we will deliver true 2FA within the next 60 days.

2FA is coming. Thank you for your patience while you’ve been waiting.

26 thoughts on “Authy based 2-Factor Authentication Is Coming!”

  1. Can’t come soon enough! SMS isn’t great 2FA; Authy is good though, I use that as my primary keygen now. Cheers

  2. Great news!

    I actually have been waiting for this feature since I singed up for Namecheap 2 years ago (and the reason I chose it was that it supported net neutrality). It’s very good to have it at last as I really like Namecheap and didn’t want to be forced to move to another service because of the lack of features.

    Having an entire new in-house made platform sounds even better and I think it will put you ahead in the competition.

    Thanks and please keep up the great service!

  3. Great news! As a longtime customer of Namecheap, as well as a guy who works hard to utilize every security measure possible personally and in my business, I’ve been concerned about insecure SMS 2FA.

    I know it’s hard to implement 2FA in many environments as evidenced by all the companies that offer 2FA but do so through SMS ( like I have in the past with Namecheap, I ping all companies I do business with and strongly encourage them to choose a secure 2FA methodology!).

    I applaud your commitment to make secure 2FA happen and believe me, it is much appreciated!

  4. Seems like time is almost up and support say it this is not going to happen by this date. Any update by some one that might have a clue?

  5. Good news that Namecheap is making progress.
    One more simple security factor seems to be overlooked is your incorrect use of the “You last logged in at….” feature.
    Instead of indicating when someone (hopefully me) last logged into my account it shows when i just logged in for that session! This is patently useless as a security feature and actually blanks any detail of when the account was last used prior to my immediate login.
    Take a look at Banks and other financial institutions on line for a quick guide – it’s only common sense and yet someone agreed that Namecheap would do it this insecure way…. probably without realising exactly how it would not work!
    I strongly request that it be corrected please.
    John Reed

  6. Yay! Authy is great :-)

    Are there any plans to support Yubikey in the (near) future? Where possible, I’d like the ability to use mine, but so far only a handful of services support it.

    1. There are no plans to use Yubikey at this time. Our team is always looking for ways to improve all of our services, so additional options may be available in the future.

  7. Guys, it’s coming tomorrow (July 11) at noon EST. Hold your horses, that’s less than 18 hours away :)

  8. I left two comments on this post several days ago and they never got out of your moderation queue. I suspect Namecheap was embarrassed since one of your people inadvertently published a reply saying 2FA was launched. Obviously it was not.

    Not owning up to that is pretty bush-league, and not bothering to publish my comments is not acceptable if you are running a blog, especially for a long-time customer like me,

    1. Our new OneTouch 2FA launched today. I mistakenly posted an update before we had launched the updated 2FA option. My apologies for the confusion. We will have additional information about the new OneTouch option here on the blog shortly.

      1. Appreciate the apology, Jackie. Two of my geek buddies with whom I share a passion for cyber security and 2FA in specific (two guys who are also Namecheap customers, BTW) read the post as well and, like me, had received your inadvertent post via an email push.

        After I’d told them both at lunch how I’d commented but someone obviously nuked the comments or left them unapproved in the moderation queue, they were also bugged.

        Just a helpful tip for next time: Don’t just unpublish a post in to draft-mode and then leave any comments unapproved. All it does is reflect negatively on Namecheap which then makes people like my two buddies and me suspect about any future communications.

        Hope this helps.

        1. I appreciate your feedback. I assure you, there was no intent to deceive anyone. I just posted an update prematurely, as it was still in final testing, but it is live now.

    1. If you have your Namecheap account listed in the Authy app, you should be able to use the Authy app as well as the Namecheap app. Please report back if you have any issues with this.

      1. It looks like the person who told me the Authy app will work was mistaken. Once again sorry for the misinformation – after I commented, I was informed that the Authy app will NOT be supported for this release but may be in the future. Again, I apologize for the confusion – we have a lot of people working on this project because it’s important to us. I can promise is that we are always striving to improve things, and we take customer feedback seriously, so I will make sure the devs know this functionality is desired.

  9. I left this comment a little while ago, but it’s still not up: Is there a way to just use the existing Authy app, rather than the OneTouch app?

  10. I’m disappointed. The mobile app is terrible and would like to use Google Authenticator or Authy instead. I’d wish this meant the mobile app has getting better, but it has been honestly just a joke since its launch.

    1. Our new OneTouch 2FA does utilize Authy, though it does require our app for now. Based on early feedback it sounds like they’re looking at ways to more fully integrate our system with the Authy platform.

Leave a Reply