This is an important lesson. Anytime you're onboarding a new user/employee, your documentation will benefit by getting that person's feedback. What's incorrect? Where there any steps that weren't clear? Or missing steps? Is there information that's outdated?
I've even gone as far as forcing the developers to answer questions by incorporating new information into the documentation. If you start having out-of-band communication (email, chats, in-person conversations) between the newbie and the team, there's a strong chance that extra information will never find its way back into the documentation.
It's not the case with GoDaddy. I just had a hosting client run into this a few weeks ago -- someone they know had registered their domain for them long ago, and they didn't have the GoDaddy login. I tried to help out when their domain expired and spoke to GoDaddy support. They do not provide any way to renew domain without logging into the account that owns the domain. They were fortunately able to get in touch with the person who originally registered it, so that person could renew it and work on transferring it to an account controlled by the true "domain owner".
I personally don't see a security issue with allowing anyone to renew any domain. It's not like you can change WHOIS information or the authoritative name servers -- you're just paying to continue with the existing ownership/configuration.
I've even gone as far as forcing the developers to answer questions by incorporating new information into the documentation. If you start having out-of-band communication (email, chats, in-person conversations) between the newbie and the team, there's a strong chance that extra information will never find its way back into the documentation.