Also do research your registrar, and transfer out at the first sign of trouble. I had an important (for me) domain at RegisterFly [1]. Took some time to reclaim it after it had been transfered to Enom. Currently moving other domains godaddy -> gandi.
Contractually, you cannot use Gandi to register domains for any sites hosting user-generated content nor any content of your own which violates their ethical code. Upholding their ethical code is part of the agreement you must enter to register a domain with Gandi. If you do or support any "deviant uses of the internet", they have the right to take your domain away. It's the strangest agreement and I'm continually surprised people choose to register domains with them.
I was disappointed with Gandi in terms of security features. On the plus side, they allow you to disable password resets, but then this is fairly standard. On the other hand, they don't offer two-factor authentication or login notifications. Moreover, they inexplicably publish your "handle" under your whois information (as "nic-hdl"). This gives away the username, arguably making targeted attacks significantly easier.
I have been using Name.com for a while, and I like their approach to security. Though I must say... I once forgot my password (made it way too complicated) and in addition to a fee all it took to recover my account was to send a scan of my ID card. I think I'll write up some modest proposals for this industry. Moniker's MaxLock is too expensive and imprecise.
[1] http://en.wikipedia.org/wiki/Registerfly