ICANN Account MFA FAQs
Background
What Is Multi-Factor Authentication (MFA)?
Multi-factor authentication is a multistep account login process in which a user is granted access to an application only after presenting two or more pieces of evidence, or authentication factors, such as a password, key card, PIN, fingerprint, etc.
What Authentication Factors Will I Need to Use to Access My ICANN Account?
ICANN Account requires a user-selected password that is created when setting up your ICANN Account and a time-based one-time password (TOTP) generated by a TOTP authenticator app.
Why Should I Use MFA on My ICANN Account?
Using MFA significantly reduces the risk of bad actors gaining access to your ICANN Account and helps ensure that your sensitive data remains protected
Enabling MFA on Your ICANN Account
How Do I Enable TOTP MFA on My ICANN Account?
To enable TOTP MFA on your ICANN Account follow these steps:
- Log in to your ICANN Account with your username and password.
- Navigate to the "Manage Your Account" page by hovering over your username on the upper right corner of the ICANN Account homepage and then clicking on "Manage Account."
- Click on the "Security" tile.
- On the "Manage Your Security Settings" page, click on "Manage MFA."
- On the "Manage Your Multi-Factor Authentication Settings" page, select to enable "Time-Based One-Time Password Authentication" by clicking the blue "Enable" link and following the prompts on the screen.
Where Can I Download a TOTP Authenticator App?
Visit your Smartphone's app marketplace (that is, App Store for iOS, Google Play Store for Android, AppGallery for HarmonyOS, etc.) and search for "TOTP authenticator app."
How Do I Connect My ICANN Account to My TOTP Authenticator App?
Open your TOTP authenticator app on your smartphone and click on the "+" icon. The TOTP authenticator app will prompt you to scan a QR code. Using your smartphone's QR scanner, scan the QR code provided on the second step of the ICANN Account TOTP Authentication Setup page. Finally, follow the prompts on your TOTP authenticator app and on the ICANN Account TOTP Authentication Setup page to complete the setup process.
How Do I Enable Voice Call MFA on My ICANN Account?
To enable Voice Call MFA on your ICANN Account, follow these steps:
- Log in to your ICANN Account with your username and password.
- Navigate to the "Manage Your Account" page by hovering over your username on the upper right corner of the ICANN Account homepage and then clicking on "Manage Account."
- Click on the "Security" tile.
- On the "Manage Your Security Settings" page, click on "Manage MFA."
- On the "Manage Your MFA Settings" page, select to enable Voice Call Authentication by clicking the blue "Enable" link and following the prompts on the screen.
Can I Use Voice Call Authentication Internationally?
Yes, Voice Call authentication is available internationally.
Can I Enable Both TOTP and Voice Call Authentication?
Yes, you can activate both TOTP and Voice Call Authentication for your ICANN Account. When both are active, the system will ask you which method you'd like to use for verification. Furthermore, using both methods offers a backup option if you cannot access one or the other.
Troubleshooting ICANN Account MFA
What If I Lose Access to My TOTP Authenticator App and Am Locked Out Of My ICANN Account?
To avoid being locked out of your ICANN Account if you cannot access your TOTP authenticator app, it is recommended that you enable both TOTP and Voice Call Authentication. This way, if one method becomes unavailable, you'll still have an alternate way to verify your identity and access your account.
What TOTP Authenticator Apps Does ICANN Recommend?
ICANN does not endorse any specific TOTP authenticator app. However, ICANN Account's MFA is compatible with apps that use the TOTP protocol. To find a trustworthy TOTP authenticator app, browse the Apple App Store or the Google Play Store for "TOTP authenticator." It's a good idea to opt for apps with reliable user reviews and recommendations.