Hacker News new | past | comments | ask | show | jobs | submit login

Google is safe, simple, and they never bother you. I'm cheap, but will pay $13 just for piece of mind.

Google Domains incorrectly banned me. I filed an appeal showing how I was indeed authorized to perform the actions I had performed, that I was not in violation of their Terms of Use, and included the contact information of the various parties that Google could contact in order to confirm my claims. None of these individuals were contacted and my appeal was rejected with their standard "unfortunately kindly go fuck yourself" message.

When they banned me, I simply lost access to the entire domains.google.com page. As such, I was unable to transfer any of my domains out. The only thing I could do was let them lapse, wait for them to become available to the general public again, and re-buy them on a different registrar.

Their UI works great, most of the time, but I would not recommend Google Domains to anybody, ever, under any circumstances.

Please write this up with more detail, it deserves a HN front page story. That is horrifying.

It's really not as exciting as all that. As a regular user, I suspect you're unlikely to have an experience like mine.

As part of my job, I perform (authorized) phishing simulations for employees of my employer. Typically this involves registering domains that look like my employer's domain (with permission), or domains that look like those of our vendors (again, with permission). I suspect one too many people clicked Gmail's "report phishing" button and their automated system took it from there. So I wasn't at all surprised that the account eventually got suspended, but I was surprised that my appeal was rejected, and closed with zero investigation. Perhaps I shouldn't have been.

Thankfully the only domains I lost were domains used for that purpose. At the time, I did use Google Domains for my personal domains as well, but thankfully I had those associated with my personal Gmail address and not my work account so I could still control them. Needless to say, though, I moved them off onto another registrar immediately.

The experience has also led me to slowly move off of Google products as a whole, with the notable current exceptions of Android and Google Fi.


* before the inevitable "phishing is a violation of their terms of service", it actually isn't. The related section forbids use that violates any laws or regulations, and lists phishing as an example. Authorized phishing simulations do not violate any laws or regulations. Unfortunately, Google failed to follow up with any of the individuals or evidence showing that it was authorized, and just rejected the appeal.

Or any other google product for similar reasons.

Without reading the registry agreement to find anything specific, I'm pretty sure that violates ICANN rules.

I would also like to hear more about it because that's scary.

I posted the story on a sibling comment. It's not as exciting as all that.

Overall it was a net positive experience, really. It led me to perform a personal Disaster Recovery exercise where I modeled losing my Google account, which was very interesting and informed a significant shift in my online behavior. If it ever happens, it'll be a bother, but not much more than that.

> I'm pretty sure that violates ICANN rules

I wonder in the end who's more powerful though: ICANN or Google.

You cannot trust google for anything like domains you rely on, unless you have a contact there to talk to a human.

If its not a free service best assure the reader legal action will follow. Then the easiest solution is to restore access.

I’m not sure why this is being downvoted

I receive email on my domain, which means that it is the root of all of my security. If you steal my domain or tweak my DNS, you can get my email, and you can reset my passwords.

I have some domains at Namecheap still. I have a FIDO2 key set up for their website, which is good, but I’m not sure that I trust their security. I trust Google more.

Google Domains actually has support, too

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact