I finished the move to a new host over a month ago. I sent a cancellation email to the old host, telling them to cancel the hosting but not the domains.

No, wait, they didn't screw up the way you're thinking.

They sent back an email saying they needed my password or passphrase for confirmation. But that email went into my Yahoo spam folder. Now that I know why they haven't processed the cancellation yet, I called to give them the password -- confirming before shutting down my site is actually a good thing.

They won't do it over the phone. And they won't do it from the control panel, which I'm logged in to. Oh sure, they'll add services, and they're more than happy to bill my credit card for those services based on what I do from the control panel.

But the only way they'll process a cancellation is for me to send my password in plain text over non-encrypted email. The same password that will still control my domain registrations.

Hmm ... I'm thinking that about two minutes after they process the cancellation I'll be changing that password. And the day after that I start transferring the registrations to someone else, too.