After a recent conversation with a non domainer who was asking about how domains are transferred, I have become a little paranoid about the security of our domain assets. I completed a transaction recently. I met the buyer at his home. He transferred the funds to my account. I confirmed receipt of the funds on my iPhone. I then initiated the transfer from my iPhone. All done in just a few minutes. We all do this on a regular basis but we are very vulnerable. A simple email hack and whoosh, our domains are gone!! Criminal gangs could easily target our industry. Either stealing our domains in bulk. Or perhaps targeting one or two at a time, so the theft could go unnoticed for some time. With the value of many domains being five and six figures we are sitting ducks. To add fuel to my current state of paranoia, this afternoon I received an email for a password reset request from Nominet . What can be done to add additional layer, or layers, of security?