Multifactor Authentication overview
Multifactor Authentication (MFA) is an effective solution that increases the security of your account. It requires the following:
- The first layer of security is your username and password.
- The second layer requires a one-time pass code which you enter before you can gain access to your DreamHost account.
This second layer of security helps protect your account from hackers and website hijackers, and DreamHost is proud to provide you with the choice to use either the Google Authenticator app or a Yubikey within the panel.
Once you’ve enabled Multifactor Authentication the following two fields appear:
Multifactor Authentication Code: Enter the 6-digit passcode generated by your mobile device.Remember this computer?: From this dropdown menu, choose how long you wish your computer to store this code. The three options are:
- Don’t remember
- Remember for 1 week
- Remember for 1 month
Changes when logging in from a new computer
Multifactor Authentication uses browser cookies to function. If you try to log in from a new computer that has never logged in to your DreamHost panel before, then the Multifactor Authentication Code field is not initially visible and your first login attempt will fail. After that first attempt, DreamHost will identify your account and make the Multifactor Authentication Code field visible so that you can log in.
How to use the Google Authenticator app with Multifactor Authentication
The Google Authenticator app was chosen because it’s free and widely available on Android, iOS/Apple, BlackBerry, or Windows mobile devices, and other third party APIs/Apps.
Google Authenticator is particularly useful with mobile tablets/phones with a cellular or Internet connection. In the event of a lost or disconnected mobile device, Google Authenticator also provides a list of non-expiring backup codes (during the initial configuration) that can be used. Outside of the Google Authenticator app, SMS text message or voice calls can be used to obtain the 2nd layer code.
Getting the Google Authenticator App
Before you can enable Multifactor Authentication on your DreamHost account, you’ll need to install the Google Authenticator app on your smartphone or tablet device.
If you already have the Google Authenticator app on your smartphone or tablet device, you just need to click the “+” in the lower right corner (iOS) or open the settings for the app and click “Add account” (Android).
The app can be downloaded from your device’s App Store (or use Google’s direct link for BlackBerry):
- Android devices: Google Play
- iPhone, iPad, or iPod Touch: iTunes App Store
- BlackBerry devices: Google Authenticator Download (visit from your BlackBerry device).
Enabling MFA in the panel for Google Authenticator
- Navigate to the (Panel > ‘Billing & Account’ > ‘Security’) page.
- The second section on that page is titled ‘Multifactor Authentication’:
Current Password: Enter your DreamHost account password.
Multifactor Authentication Type: Click the dropdown menu to choose which of the two Google methods you’d like to use:
– Google Authenticator, Time-Based (recommended)
DreamHost recommends time-based one-time passcodes. Time-based codes provide better protection against phishing and keyloggers since each code is only valid for a short amount of time. Time-based codes also automatically stay in sync with DreamHost’s servers, as opposed to counter-based codes which require manual syncing.
– Google Authenticator, Counter-Based;
If you use counter-based codes, you will need to press the refresh button next to the code in the Google Authenticator App each time you use it to advance it to the next code.
- Click the Get Started button.
You will now see a QR Code and a 16-digit secret key that you will need to activate Multifactor Authentication.
- Use the Google Authenticator app to scan the QR code.
If your device does not have a camera, you can instead enter the 16-digit secret key shown below the QR code into the app manually.
If you have more than one device running Google Authenticator, scan the QR code or enter the key on every device that you want to use with your DreamHost account.
- When the Google Authenticator app displays a 6-digit passcode, enter it in the passcode field.If you are using counter-based codes, you may need to press the refresh button to display the first code.
- Click the Activate! button and DreamHost’s server is synced to your device.You then see a ‘Success!’ confirmation box appear.