ICANN Updates Zone File Access & Requires The Most Complicated Password Ever

icannBack in May 2014 I made a few suggestions to ICANN regarding the New gTLD zone file access. So when I got an email with the subject “About enhancements to CZDS” I was excited. The email didn’t give a lot of details: “ICANN will be deploying several enhancements to the CZDS during the below time period. During this time the CZDS will be unavailable.”

So now the update has been completed and I got this email:
“As previously communicated, ICANN has deployed several updates to the CZDS today. The updates haves been successfully completed and CZDS is ready for your use again.

The updates to the CZDS were deployed in order to enhance navigation, to increase password security, and to provide additional assistance in the help section for both end-users and Registry Operators.

Now that the maintenance is complete and the updates have been deployed, you will be asked to create a new password when you next login to the CZDS. The requirement to create a new password upon your next login is to bring your password in line with the enhanced password rules ICANN has deployed. Please update your password according to the guidelines provided after the login screen to continue using the CZDS.”

I had asked for a few improvements:

  1. I didn’t want the zone file access to expire every 3 months. I was told that each registry decides the length of access: “Registry Operators can approve a zone file access request for a minimum of 90 days, and they can extend it for as long as they choose.”
  2. I complained several times that some registries just ignore requests. I never got an official reply on this. I still have pending requests from May of August.
  3. I asked for a way to get all 300+ zone files by downloading a single file but that was not implemented.
  4. Also the “expired” section displays all past requests. Even those I have gotten approved again. That will keep growing. e.g. I have 2 expired .berlin requests even though my 3rd request has been approved.
  5. I finally requested a search function. That would be great as with 1000+ new gtlds it would be a nightmare going through the 10s of pages. That was the only feature from the ones I asked that was implemented. It will surely save me some time.

Unfortunately the enhancements included a mandatory password change. I don’t understand why zone file access needs a password that has the most complicated requirements I have ever seen. Seriously, anyone can apply and get access to zone files, we don’t need a password like this:

  • Password must contain at least 2 uppercase characters.
  • Password must contain at least 4 characters of different types (lowercase, uppercase, digit or punctuation).
  • Password must contain at least 2 digits.
  • Password must contain at least 2 punctuation (not whitespace or an alphanumeric) characters.
  • Password must be at least 12 characters in length.
  • Password must contain at least 2 lowercase characters.

About Konstantinos Zournas

I studied Computer Engineering and Computer Science in London, UK and I am now living in Athens, Greece. I went online in 1995, started coding in 1996 and began buying domain names and creating websites in 2000. I started the OnlineDomain.com blog in 2012.


  1. Couldn’t agree more. But, hey, what do you expect from a bureaucratic monster like ICANN? Good service, a great platform and timely and detailed responses? Come on! 😉

  2. CZDS was down today for a while because of “out of cycle maintenance”. Probably something went wrong after the recent update.

    I use czdap-tools for daily download and just noticed that only about half of the zone files were downloaded today.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.