Domain Locking

From ICANNWiki
Jump to navigation Jump to search

Domain Locking, sometimes referred to as Registry or Registrar-locking, describes the service provided by registries or registrars to "lock" a domain name so that it cannot be transferred or altered without the explicit permission of the registrant.[1][2] If a lock is in place, the registrant must request that the name be "unlocked" before such changes can be made.[1][3][2]

Public Perception

The public perception of domain locking is generally positive, and it is offered by a large number of registrars. Certain registrars, such as Nominet and Verisign, also offer domain locking at the registry level.[4] However, there are still elements of the practice that can be prone to abuse, such as registrars potentially refusing to unlock names despite legitimate requests from registrants.[5] Domain locking is usually seen as a handy safeguard against Domain Name Hijacking or Slamming. In this way, it creates a greater sense of security for the user. However, while locked, the user may be unable to make certain kinds of changes to domain, which can be irritating if the registrar's unlocking procedure is not clear.[1]


Domain locking assists in the prevention of domain name hijacking and slamming and gives users an additional safeguard against unsanctioned actions regarding their domain names.

Historical Use

Domain locking services emerged out of ICANN's Transfer of Registration Policy as a way of ensuring that transfers are intentional before they are completed.[6] Domain locking addresses important security concerns, such as transferring a domain name without the registrant's permission. It is important to note that different registrars and registries may have different locking and unlocking procedures. Some automatically put locks in place while others have an opt-in procedure or a fee-based locking service.[5] Domain locking has also been used by registries or registrars in cases of abuse or suspected abuse as locking the domain keeps the owner from transferring or deleting it. An example of this can be found in ICANN's URS Proceedings, where registry operators, after receiving a URS notice, are required to lock the name in question.[7]

ICANN Policy

  • ICANN's Inter-Registrar Transfer Policy: this policy specifies how registrations can be transferred between the gaining and losing registrars.[8] It also mandates that the gaining registrar verifies information about the registrant and receives a standardized form of authorization (FOA) before the transfer can take place.[8]
    • Domain locking serves as an additional guard implemented by registrars against unauthorized transfers in addition to the other safeguards in ICANN's transfer policy. This policy specifically addresses domain locking in the context of making the unlocking procedure readily available to registrants. See section 3 of the Transfer Policy titled "Obligations of the Registrar of Record" for more details.[8]
    • ICANN's Registrar Transfer Dispute Resolution Policy (TDRP) contains similar wording to the Transfer of Registration between Registrars Policy when addressing registrar locks and states that registrars can refuse a transfer based on the lock status of a domain name IF the registrant has had a relatively clear path and opportunity to unlock it.[9]


There is no legislation addressing domain locking.

Additional Resources

Related Articles