Dotcom-Monitor supports multi-factor authentication (MFA) to add a second verification factor during sign-in. When MFA is enabled, users must enter a one-time password (OTP) in addition to their username and password.

Supported authentication methods:

  • OTP sent to a verified email address
  • OTP sent by SMS to a verified mobile phone number
  • OTP generated by an authenticator application

MFA can be enabled for an entire account or for an individual user. When the Authenticator App options enabled at the account level, users complete setup during their next sign-in. When enabled from a user profile, setup begins immediately.

How It Works

Email MFA

After entering your username and password, Dotcom-Monitor sends a one-time password to the verified email address associated with your account.

SMS MFA

After entering your username and password, Dotcom-Monitor sends a one-time password to the verified mobile phone number associated with your account.

Authenticator App MFA

After entering your username and password, enter the six-digit code generated by your authenticator application (e.g., Google Authenticator, Microsoft Authenticator, Authy).

Initial Authenticator App Setup

  1. Sign in to Dotcom-Monitor with your username and password.
  2. On your phone, open your authenticator app (for example, Google Authenticator) and add a new account.
  3. Scan the QR code shown on the screen, or enter the setup key manually.
  4. In the Dotcom-Monitor authentication dialog, enter the six-digit code generated by the app and click Verify Code.

After verification, MFA is enabled and will be required for future logins.

How to Set Up Multi-Factor Authentication

If you lose access to your email account or your phone is lost or stolen, we strongly recommend resetting your password and using the Log Out Everywhere option available on the Security page. This will sign you out of your Dotcom-Monitor account on all devices and require you to sign in again using your new password.

Enable MFA for All Account Users

To enforce MFA for all users, configure it under Account Settings > Security. If Authenticator App is selected, users are prompted to complete authenticator setup during their next sign-in.

Enable MFA for an Individual User

To enable MFA for a single user, configure it under My Profile > Security. If Authenticator App is selected, the MFA setup process starts immediately.

Important to Know

  • MFA can only be disabled by a user who can successfully sign in to the account.
  • OTP codes expire after 15 minutes and can be used only once.
  • SMS-based authentication is limited to two OTP requests within a 15-minute period.
  • If the phone number used for SMS authentication is no longer valid, contact your account administrator to update your account information.
  • If access to the configured email account or mobile device is lost, reset your password and use Log Out Everywhere on the Security page to sign out all active sessions.

Resetting the Authenticator app

An authenticator app configuration can be reset when access to authenticator codes is lost or the authenticator secret needs to be replaced.

When to Reset

  • Lost or replaced phone: If the mobile device with the authenticator app is lost, stolen, or replaced, the existing codes can no longer be accessed.
  • App reinstalled or data wiped: Reinstalling the Google Authenticator app or performing a factory reset clears stored accounts, making previous tokens unavailable.
  • Incorrect time sync: If the app’s clock drifts out of sync, generated codes may stop working, requiring a reset and reconfiguration.
  • Access recovery requests: When a user is locked out of an account due to missing or invalid codes, an admin may reset the authenticator to restore access.
  • Security concerns: If there is any suspicion that an authenticator secret key has been exposed or compromised, resetting ensures new, secure keys are used.

Reset Your Own Authenticator Configuration

Users can reset the Google Authenticator configuration for their own account from My Profile > Security > Authenticator App > Reconfigure.

After the reset, previously generated codes become invalid. The next time you sign in, you will be prompted to scan a new QR code and complete the authenticator setup again.

Reset Another User’s Authenticator Configuration

Only users with the Admin role can reset the authenticator app configuration for other account users.

  1. Log in to your Dotcom-Monitor account and open Account Settings.
  2. Navigate to the Users tab.
  3. From the list of users, select the user profile you want to edit.
  4. In the profile settings, click Reset Authenticator App.

After the reset, previously generated codes become invalid. During the next sign-in, the user will be prompted to scan a new QR code and complete the authenticator setup again.