Hacker News new | past | comments | ask | show | jobs | submit login

Is there any indication that Gandi is insecure?



Not that I know of, it’s just good practice to separate services like this (even if it can be more expensive and logistically difficult).


I'm asking because the GGP wrote "better more secure registrar". Since I'm using Gandi right now (and I don't care about their mailbox offer), I wanted to know if it was really insecure.


GGP said hosting, but I think they mean email hosting. Even if you keep your actual registrar account @gmail or anther third-party, it's not recommended to handle your registrar, DNS, and email in the same place, since a compromise of any of them is likely to lead to compromise of the other systems (eg. an attacker gains admin permissions on the website / backend and uses it to reset your email password and download your email inbox)


Aren't these orthogonal concerns?

registrar or DNS gets hacked -> attacker can receive mail as you (by transferring your domain or changing your MX record)

e-mail host gets hacked -> attacker can download your inbox

both -> both


I'm sorry but I don't understand what you're saying. The sentence was literally "Transfer the domains over to a better more secure registrar." This is about domain names and registrars and it's implying that Gandi is insecure. Your point about putting your eggs in the same basket is a different point.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: