We like to add the most security to our property and assets. When it comes to domain names, we don’t realize the measures and systems which are already in place to protect them. An EPP Code or Transfer Authorization is an important aspect in domain name security and is essential for transferring your domain name from one provider to another. This article discusses all the frequently asked questions about Authorization Codes and Domain Name Transfers.
An Authorization Code or Auth Code is like a password which is given by the Domain Registrar to the Domain Owner, so that he can transfer the domain name to another Domain Registrar. The Authorization Code is given to the new Registrar, which is requesting a transfer of the domain to itself. This means that if you are transferring your domain name from GoDaddy to eNom, you will need to get the Auth Code from GoDaddy and give it to eNom (through the order / transfer form) so that when eNom requests GoDaddy for the control of the domain name, GoDaddy can verify the request with the Auth Code.
The Auth Code is also known as an EPP Code, EPP Key, Transfer Secret, Domain Secret, Transfer Password, Auth-Info Code or Transfer Secret. All these words mean the same thing and are used in the same context.
Almost all domain names including the new gtlds require the EPP Code for transferring the domain between registrars. However, some cctlds and other tlds may not require an additional code and may transfer the domain name without it.
No. You need to ensure that the domain name is unlocked and that the Registrant approves the email request to transfer the domain name.
The Auth Code Validity is dependent on your Registrar. Some registrars have no validity or time limit on the auth code. Most registrars who generate the auth code and send it, allow it to be used for about 30 days from the date it was sent. The validity of the auth code is usually mentioned in the email that it was sent in. If the registrar allows you to choose your own code, then usually there is no expiry date and it is valid perpetually till used. Get the most recent code by requesting the auth key just before transferring your domain name.
Some registrars allow you to specify your own auth code so that you can set it to something easy to remember or some familiar word or phrase. Most registrars prefer to generate their own code and send it to the Registered WHOIS contact, which adds an extra layer of security. You can set your own key or request one from your Domain Control Panel.
Once you request an auth code from the Registrar, you should receive it within 5 calendar days. As per ICANN’s website: “Registrars must provide the Registered Name Holder with the unique “AuthInfo” code within five (5) calendar days of the Registered Name Holder’s initial request if the Registrar does not provide facilities for the Registered Name Holder to generate and manage their own unique “AuthInfo” code.”
If you cannot create your own Auth-Code through your control panel, please contact your registrar to obtain an Auth-Code. If your registrar fails to provide you with an Auth-Code within five calendar days of your request, you can submit a Transfer Complaint through the ICANN Website. Remember that the request you made, needs to have been sent to the Registrar. Resellers, third party vendors and even your IT consultants may not forward your request to the Registrar, for which you should contact the Registrar directly.