Dotcom-Monitor allows users to add a layer of security to their login process by enabling multi-factor authentication. When enabled, multi-factor authentication requires a Dotcom-Monitor account user to pass another check by entering a one-time password (OTP), in addition to their login and password, to access their account. OTP or a one-time password is a numeric string sent via a selected type of communication to the user requesting access to the application. We support three types of multi-factor authentication:

  • OTP to a verified email.
  • SMS with OTP to a verified mobile phone.
  • OTP via Google Authenticator App.

To enable multi-factor authentication for your Dotcom-Monitor account, go to the Account Settings > Security.

If you lost access to your email, or your phone was lost or stolen, it is highly recommended to reset your password and use the Log out everywhere option provided on the Security page of your Dotcom-Monitor account settings. In this case, you will be logged out from your Dotcom-Monitor account on all devices and required to log in again using a new password.

How It Works

If multi-factor authentication has been enabled, you will be prompted to select a preferable way to receive your OTP every time you login into your Dotcom-Monitor account.

When you opt for receiving an OTP via email, make sure you have access to the verified email account. Once you submit your username and password upon login, we will send an OTP to your email address that was previously associated with your Dotcom-Monitor account. Receiving an OTP via email is the most common type of two-factor authentication. This option is good when you don’t have access to your phone at the moment.

If you choose to receive an OTP via SMS, your mobile phone will be used as an authentication factor. You will be asked to enter an OTP sent to your phone via SMS. In this case, make sure to have your phone in hand upon login.

Important to Know

  • Once multi-factor authentication (MFA) is enabled, you must first log in to your account before disabling this extra authentication step.
  • A one-time password (OTP) is valid for a single login session and expires after 15 minutes. Once expired, you will need to repeat the login process.
  • If you choose to receive your OTP via SMS, a maximum of two SMS attempts are allowed within a 15-minute period.

If the phone number that is used to send OTP is invalid (e.g., the phone number was changed or a wrong phone number was provided in your account contact details), please contact your account administrator to update your contact information.

Resetting the Google Authenticator app

An account administrator might need to reset the Google Authenticator app in situations where access to time-based one-time passwords is lost or compromised. Resetting Google Authenticator will remove the current setup and require account users to scan a new QR code to login. 

When to Reset

  • Lost or replaced phone: If the mobile device with the authenticator app is lost, stolen, or replaced, the existing codes can no longer be accessed.
  • App reinstalled or data wiped: Reinstalling the Google Authenticator app or performing a factory reset clears stored accounts, making previous tokens unavailable.
  • Incorrect time sync: If the app’s clock drifts out of sync, generated codes may stop working, requiring a reset and reconfiguration.
  • Access recovery requests: When a user is locked out of an account due to missing or invalid codes, an admin may reset the authenticator to restore access.
  • Security concerns: If there is any suspicion that an authenticator secret key has been exposed or compromised, resetting ensures new, secure keys are used.

How To Reset

Only users with Admin role can manage other users’s profiles. If you don’t have the required permissions, contact your account administrator.

To reset the Google Authenticator app follow the steps:

  1. Log in to your Dotcom-Monitor account and open Account Settings.
  2. Navigate to the Users tab.
  3. From the list of users, select the user profile you want to edit.
  4. In the profile settings, click Reset Google Authenticator.

When the Google Authenticator app has been reset for a user, any codes previously generated by the user’s Google Authenticator app will no longer be valid. At the next login, the user will be prompted to scan a new QR code and re-link their Dotcom-Monitor account with the app.