Two-factor authentication
Add an extra layer of security to your account.
Overview
Two-factor authentication (2FA) means that even if someone gets hold of your password, they still can't sign in to your account. When 2FA is turned on, you'll need to enter a short code from an authenticator app on your phone every time you sign in. Only you can access your account.
DomainDash uses time-based one-time passwords (TOTP), which work with popular authenticator apps like Google Authenticator, Authy, 1Password, and Microsoft Authenticator.
Enabling two-factor authentication
- Go to your profile
Click your avatar in the navigation bar and select Profile.
- Click Set up next to two-factor authentication
In the security section, click the Set up button. A modal will appear asking you to confirm your password.
- Confirm your password
Enter your current password and click Continue. This is a security check to make sure it's really you.
- Scan the QR code
Open your authenticator app (e.g. Google Authenticator, Authy, or 1Password) and scan the QR code shown on screen. If you can't scan the code, click the setup key underneath and enter it into your app manually.
- Enter the 6-digit code
Your authenticator app will show a 6-digit code that changes every 30 seconds. Type the current code into the field and click Verify and enable.
- Save your recovery codes
DomainDash will show you a set of recovery codes. Copy or write these down and store them somewhere safe. You'll need them if you ever lose access to your authenticator app. Click Done when you're ready.
Once enabled, you'll see a green Enabled badge next to two-factor authentication on your profile page.
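How an authenticator app turns the setup key into the 6-digit code, shown as an added example that is not DomainDash's own code. It follows the TOTP standard (RFC 6238); the SHA-1 digest, the one-window drift tolerance in `verify`, and the sample setup key are assumptions, not values taken from DomainDash.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code is valid for, as stated on this page
DIGITS = 6   # code length, as stated on this page


def decode_setup_key(setup_key: str) -> bytes:
    """Decode a Base32 setup key as a person types it (spaces, lower case, no padding)."""
    key = setup_key.replace(" ", "").replace("-", "").upper()
    key += "=" * (-len(key) % 8)  # restore the padding that apps usually omit
    return base64.b32decode(key)


def totp(secret: bytes, at: float, digest=hashlib.sha1) -> str:
    """Return the code for the 30-second window containing Unix time `at`."""
    counter = struct.pack(">Q", int(at) // STEP)   # window number, 8 bytes big-endian
    mac = hmac.new(secret, counter, digest).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret: bytes, code: str, at: float, drift_steps: int = 1) -> bool:
    """Server-side check: accept the current window and `drift_steps` either side.

    The tolerance is an assumed policy that absorbs small phone clock errors.
    """
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(secret, at + delta * STEP)
        # Constant-time comparison so timing does not leak matching digits.
        if hmac.compare_digest(expected.encode(), code.encode()):
            return True
    return False


# Constructed sample: the published RFC 6238 SHA-1 test secret, Base32-encoded
# and written the way a setup key is typically displayed.
SAMPLE_SETUP_KEY = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"

if __name__ == "__main__":
    secret = decode_setup_key(SAMPLE_SETUP_KEY)
    print("code for the current window:", totp(secret, time.time()))
```

Because the code depends only on the setup key and the clock, a phone whose time is wrong by more than the accepted drift produces codes the server rejects, and anyone who obtains the setup key can generate valid codes.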
Recovery codes
Recovery codes are your backup way into your account if you lose your phone, delete your authenticator app, or can't access your codes for any reason. Each recovery code can only be used once.
Viewing your recovery codes
To see your current recovery codes, go to your profile and click Recovery codes in the two-factor authentication row. Store these somewhere safe, like a password manager or a printed copy in a secure location.
Regenerating recovery codes
If you've used some of your recovery codes, or you think they might have been compromised, generate a fresh set. Click Recovery codes, then click Regenerate codes. This creates a brand-new set of codes and immediately invalidates all the previous ones.
Save your new codes straight away
When you regenerate recovery codes, the old ones stop working immediately. Make sure you save the new set before closing the modal.
Disabling two-factor authentication
If you need to turn off 2FA, for example when switching authenticator apps, you can disable it from your profile.
- Go to your profile
Click your avatar in the navigation bar and select Profile.
- Click Disable next to two-factor authentication
In the security section, click the Disable button. A confirmation modal will appear.
- Confirm your password
Enter your current password and click Disable 2FA. Two-factor authentication is now turned off.
After disabling 2FA, you'll only need your email and password to sign in. If you're switching to a new authenticator app, we'd recommend enabling 2FA again straight away to keep your account protected.
Re-enable 2FA after switching apps
If you're moving to a new phone or a different authenticator app, disable 2FA first, then set it up again with your new app. This ensures the QR code and setup key are in sync.
Related
- Profile settings to manage your name, email, and password
