How to Transfer Your Domain Name to a New Registrar

Keep your site online while you move it.

Switching registrars should feel like changing accountants, not changing the locks on your storefront. When you plan correctly, a domain transfer is a quiet, paperwork-heavy move that your visitors never notice. The process lives under well-defined rules, yet there are pitfalls that cause downtime, lost email, or a security gap. This guide walks you through a reliable, low-drama transfer that preserves uptime, SEO equity, and security from start to finish.

What a Domain Transfer Does, and Does Not, Do

A registrar transfer moves sponsorship of your domain from one registrar to another. The registry that actually runs the top level domain remains the same. Your website files, your hosting account, and your DNS provider do not move unless you choose to change those as part of the project.

Moves: Billing and management of the domain, contact data at the registrar, the authority to renew and configure it.
Does not move by default: Nameservers, DNS zone content, your web host, email host, SSL certificates.
Usually adds one year of registration: Most general TLDs add a year on transfer. A few ccTLDs behave differently, so verify yours.

Knowing this separation helps you design a transfer that avoids needless changes and keeps risk low.

Before You Start: A Sanity Checklist

Do these items in order. You will avoid 90 percent of transfer failures.

Confirm domain status. It must be active, not expired, not in redemption, and not on a client transfer prohibited status. You can view status in your current registrar dashboard and in public WHOIS.
Check the 60-day rules. New registrations or recent registrant contact changes can trigger a 60-day transfer lock under the industry transfer policy. Some registrars let you opt out of the post-change lock, but only at the time you change contacts.
Audit contact email addresses. Transfer approvals arrive at the registrant or admin email. Ensure you control those inboxes now. If WHOIS privacy is on, confirm how that privacy service forwards transfer emails.
Snapshot DNS. Export your zone file or copy every DNS record to a text file. You want A, AAAA, CNAME, MX, TXT, SRV, and any ALIAS or ANAME entries. If you run DNSSEC, note the DS and key details.
Decide your nameserver strategy. Easiest path is to keep nameservers as-is during transfer, then change later if you need to. If you plan to change DNS providers, lower TTLs first to speed up propagation.
Lower TTLs ahead of time. Two days before any planned nameserver change, reduce key record TTLs to 300 seconds. That makes any later cutover quick.
Check glue records if you use vanity nameservers. If your domain hosts child nameservers, like ns1.example.com, you must update glue at the registry when you change IPs.
Turn on MFA at the gaining registrar. Create the new account now, enable two-factor authentication, and add a billing method.
Plan the window. Transfers commonly complete in 1 to 7 days. Choose a week with normal traffic, not the day of a big launch.

The Step-by-Step Transfer Plan

Follow this flow for a smooth move. It assumes a standard TLD like .com or .org. Variations for ccTLDs appear later.

Step 1: Unlock the Domain

Log in to your current registrar and switch off transfer lock. You will see a status value change from “clientTransferProhibited” to “ok” or similar within minutes. Some registrars call this “Registrar Lock.”

Step 2: Retrieve the Authorization Code

Request the authorization code. You will see it in dashboard or receive it by email. The code is sometimes called an EPP code or AuthInfo code. Treat it like a password.

Step 3: Verify Contacts and Privacy

Open the domain contacts panel and confirm registrant and admin email addresses. If WHOIS privacy is masking those, confirm how the privacy proxy forwards mail. You do not need to turn privacy off if the proxy forwards correctly, but many people disable privacy during the transfer to avoid missed emails.

Step 4: Initiate the Transfer with the Gaining Registrar

At your new registrar, choose “Transfer” and enter the domain name and the authorization code. Pay for the transfer, which usually includes a one-year extension. The new registrar submits the request to the registry.

Step 5: Approve the Transfer Emails

You will receive one or more emails asking you to approve or acknowledge the transfer. Approve them quickly. If you do not see them within an hour, check spam, confirm forwarding from any privacy service, and verify the contacts again.

Step 6: Monitor Status

Your domain status will move to “pendingTransfer.” The losing registrar can approve early, which often completes the transfer within a day, or it can wait for auto-approval, which completes around day five. Either outcome is normal.

Step 7: Post-Transfer Audit

Once the transfer completes, log into the new registrar and check:

Nameservers still set to the provider you intended
Auto-renew on or off per your preference
Contact data correct and privacy toggled as you want
DNSSEC disabled or re-enabled as appropriate
Domain lock re-enabled to prevent hijacking

If you planned a nameserver change, do it now while TTLs are low and your DNS snapshot is ready.

Nameserver and DNS Strategies That Avoid Downtime

You have three common paths. Choose the simplest that meets your goals.

Strategy A: Keep Your Existing DNS Provider

This is the least risky approach. Leave nameservers unchanged during the transfer. Your users never notice. You can move DNS later on your own schedule.

Strategy B: Change DNS Providers After the Transfer

If you want to move DNS to the new registrar or to a specialized DNS host, complete the domain transfer, then import your zone. Keep TTLs low for 24 hours, then change nameservers. Monitor with an external checker to confirm that all records resolve correctly from multiple locations.

Strategy C: Change DNS Providers Before the Transfer

Sometimes you want DNS improvements first, for example to enable global anycast or a new managed WAF. In that case, lower TTLs, import the zone at the new DNS provider, and change nameservers while the domain is still at the old registrar. Let the change propagate and stabilize, then perform the registrar transfer. This reduces the number of moving parts at one time.

Email Considerations

Email suffers the most when DNS changes go wrong. Protect it:

Copy MX, SPF, DKIM, and DMARC exactly.
If your new DNS host rotates TXT formatting or flattens records, verify with your mail provider’s checker.
Keep the old DNS zone active for 24 hours after nameserver change to help catch stragglers.
If you host email at the old registrar, plan a clean move to a third-party provider or to the new registrar’s mail before you change nameservers.

SSL and HTTP Considerations

If you change web hosts along with DNS, prepare SSL certificates ahead of time. If you use a CDN or proxy that provides certificates, verify the new edge certificate covers the apex and the www hostnames. For sites using HSTS, plan the cutover carefully since browsers might refuse connections to mismatched hosts until the certificate at the new endpoint is valid.

Special Cases and TLD Variations

Not all domains use the auth-code model. Know your TLD’s quirks.

.uk family: Your current registrar must set the IPS TAG to the gaining registrar’s tag. There is no authorization code.
.au: Transfers use a domain password similar to an auth code that you can request by email.
.de, .eu, and some country codes: Rules differ on renewal on transfer, privacy, and contact locks. Some require local presence or have shorter grace periods.
Registry locks: If you enabled Registry Lock, you must disable it through a higher-security process before the transfer can proceed.
New registrations or contact updates: A recent registrant change can trigger a 60-day lock. Some registrars let you opt out at the time of the change.
Expired or redemption status: You can still transfer some expired domains if the registry and registrar allow it, but redemption status usually requires restoration before transfer.

When in doubt, check the gaining registrar’s TLD rules page for your exact extension. It lists fees, renewal on transfer behavior, and transfer requirements.

Zero-Downtime Playbook

Use this practical cutover plan when you must avoid any visible blip.

Ten days out: Confirm contact emails, unlock rules, and auth code availability. Create your account at the new registrar and enable MFA.
Five days out: Lower TTLs on A, AAAA, CNAME, MX, and TXT to 300 seconds. Prepare a hosts-file mapping on your workstation so you can test destinations by IP without waiting for DNS.
Three days out: Snapshot the zone again. If you plan to move DNS, import the zone into the new DNS host and validate it with a staging hostname.
Day 0: Initiate the transfer, pay, and approve emails immediately.
Day 1–5: Monitor pendingTransfer status. Keep an external uptime monitor watching the live site. No visitor-facing changes yet.
After completion: Re-enable lock at the new registrar, confirm nameservers, and perform any planned nameserver changes during a low-traffic window. Because TTLs are still low, changes propagate in minutes. Watch logs and analytics for anomalies.
Day 7: Restore normal TTLs. If everything is stable, re-enable DNSSEC if you disabled it, and archive your notes.

Security, Integrity, and Compliance

Treat transfers like a security event. You are granting new access and revoking old access.

MFA and roles: Use two-factor authentication at both registrars. Set least-privilege roles for teammates. Remove departing staff quickly.
Transfer lock: Keep the domain locked except during the actual transfer. Relock as soon as status shows complete.
WHOIS privacy: Turn privacy on if you want to reduce spam and social engineering risk. If you need public contact data for business reasons, use role addresses like admin@ and registrant@ that you monitor.
DNSSEC: If your DNS host supports DNSSEC, note that DS records live at the registry. If you change DNS providers, turn off DNSSEC before nameserver change, cut over, then enable DNSSEC at the new provider and publish the new DS. Mismatched keys break resolution.
Registry lock for high value names: If your brand domain matters a lot, consider registry lock after the transfer. It requires out-of-band verification for any change, which stops most hijacking attempts.

Cost, Timing, and What to Expect on the Invoice

Cost: You pay the gaining registrar’s transfer fee, which usually equals a one-year renewal. That year is added to the domain’s expiry in most TLDs, with a few ccTLD exceptions.
Timing: Many transfers complete within 24 to 48 hours if the losing registrar approves early. Auto-approval finishes near day five. Some TLDs are faster or slower by policy.
Renewal overlap: If your domain expires soon, transfer early. While the extra year typically stacks, leaving it too late risks an expiration tripwire or a redemption fee at the old registrar.
Bulk transfers: For large portfolios, you can supply a CSV of domains and auth codes. Work with the new registrar’s onboarding team. Ask for a playbook, a test run with five domains, and a point of contact for escalations.

Troubleshooting Common Transfer Failures

No approval email arrives. Check spam, confirm the registrant or admin email addresses, and review how privacy forwarding works. As a fallback, change contacts to an address you control and opt out of any optional 60-day lock at the moment of change if available.
Auth code rejected. Codes are case-sensitive. Copy and paste carefully without whitespace. If the code fails twice, generate a new one.
“ClientTransferProhibited” status. The domain is still locked. Unlock it and wait a few minutes for status to update. Some registrars require security verification to unlock.
Transfer denied by losing registrar. The most common reasons are a recent registration, a registrant change lock, or outstanding fees. Ask support for the specific denial reason then fix that exact issue.
Names stopped resolving. If you changed nameservers during the window, you likely missed a record or broke DNSSEC. Compare your snapshot to the active zone, correct, and retest. Use dig or an online checker to validate the DS and DNSKEY chain.

After the Transfer: Close the Loop

Relock the domain. One click. Do it right away.
Review auto-renew. Turn on automatic renewal if you want uninterrupted coverage. Set a calendar reminder thirty days before expiry regardless.
Re-enable privacy. If you disabled privacy to catch emails, turn it back on now.
Re-enable DNSSEC. Only after nameservers are final and the new DNSSEC keys are published.
Update internal docs. Record registrar, account owner, renewal date, nameservers, DNS host, MFA backup codes, and support contacts. Good notes save future you from emergencies.

Supporting Sections

Registrar vs Registry vs Reseller

Registry: Operates the TLD, like Verisign for .com.
Registrar: Retail front that sells domains and manages your record at the registry.
Reseller: Sells registrar services under its own brand. You still need the true registrar for some escalations.

Understand who your contract is actually with. That is who can solve account-level issues.

Portfolio Hygiene for Agencies

If you manage client domains, standardize your process.

Use dedicated registrar accounts per client, not one big agency account.
Put billing on the client card.
Use role emails as contacts, not personal staff addresses.
Maintain a portfolio spreadsheet with registrar, expiry, nameservers, DNS host, and notes.
Keep written authorization from the legal owner for any transfer action.

When to Move DNS to a Specialized Provider

A registrar’s free DNS is fine for low-risk sites. Consider a dedicated DNS provider when you want:

Anycast global networks with multiple edge sites
Advanced routing features like latency-based answers
Built-in DDoS absorption and failover policies
Detailed query logs and analytics

You can keep your domain at Registrar A and your DNS at Provider B. This split is normal and often best.

Final Takeaway

A registrar transfer is administrative work, not a rebuild. Treat it like a short, reversible change, and separate it from hosting and DNS moves whenever you can. Confirm contacts, snapshot DNS, unlock, get the auth code, submit and approve, then relock and audit. When you plan TTLs and email records with care, your visitors and your inbox never notice anything happened. That is the mark of a good transfer.

Frequently Asked Questions

How long does a domain transfer take?

Most transfers finish in one to five days. Early approval by the losing registrar often completes it in under 24 hours. Some country code domains have different timeframes.

Will my website go down during a transfer?

No, not if you keep nameservers the same and avoid DNS edits at the same time. Downtime happens when people combine registrar transfer, DNS move, and hosting migration in one window.

Do I lose remaining time on my domain when I transfer?

For most TLDs you keep remaining time and gain an extra year on completion. A few ccTLDs have different rules. Check the gaining registrar’s TLD details page.

Do I need to disable WHOIS privacy to transfer?

Not always. If the privacy service forwards approval emails correctly, you can keep it on. If emails do not arrive, temporarily disable privacy until approval is complete.

Can I transfer a recently registered domain?

Most new registrations have a 60-day no-transfer period. If you changed registrant contacts recently, that can trigger a 60-day lock as well. Some registrars let you opt out at the moment of change.

What happens to my email during a transfer?

If you do not change nameservers or MX records, nothing changes. If you move DNS, copy MX, SPF, DKIM, and DMARC exactly and keep TTLs low during cutover to protect mail flow.

What if my domain is expired?

Some registrars and registries allow transfer while expired, but not in redemption. If the domain is in redemption, restore it first, then transfer.

References

ICANN Transfer Policy and Inter-Registrar Transfer documentation
IANA WHOIS and root zone information
Registrar TLD rules pages for specific extensions
Registry documentation for IPS TAG processes on .uk family domains
DNSSEC deployment guides from major DNS providers