How to Enable and Remove Two-Factor Authentication

Enable Two-Factor Authentication (2FA) to add an extra layer of security to your DottedSign account. 2FA requires both your password and a dynamic code from your mobile device, significantly reducing the risk of unauthorized access and keeping your signed documents safe.

Note: 2FA is available for all users. Looking for advanced security and team management? Try the DottedSign Business plan with a 14-day free trial!

 

1. What Is 2FA and Why Use It

2. How to Set Up 2FA

3. Logging in With Two-Factor Authentication

4. How to Change Your Recovery Email (KDAN Member Center)

5. How to Remove 2FA

6. FAQ and Troubleshooting

 


 

1. What Is 2FA and Why Use It

What Is Two-Factor Authentication

2FA is an advanced security measure requiring two verification factors to sign in. DottedSign adopts the Time-based One-Time Passwords (TOTP) mechanism, combining your password with a dynamic code generated by your mobile device.

Why Use It

2FA provides an effective solution to the risk of password leaks. Without your phone to generate the TOTP, unauthorized users cannot bypass the sign-in process. This ensures that your signed documents and personal data in DottedSign remain secure.
 

2. How to Set Up 2FA

  1. Set Up a Recovery Email

    • Sign in to DottedSign, click your profile icon, and select "Account Management" to enter the KDAN Member Center. Then click "Security" on the left menu. (You can manage DottedSign and all other KDAN products in the KDAN Member Center.)
    • Under Recovery Email, click "Edit", click "Add recovery email address", enter your recovery email, and click "Save". (Note: The recovery email cannot be your primary account email.)
    • Check your recovery email for a 6-digit verification code. Enter it back into the KDAN Member Center within 10 minutes to verify. (Check your spam folder or search for “Your Recovery Email Verification Code” if you don’t see the email.)

     

  2. Download an Authenticator App
    • Download and register a TOTP authenticator app on your mobile device (e.g., Google Authenticator, 1Password, or Microsoft Authenticator). These apps don't require an internet connection and can generate the latest verification codes for you at any time.
       
  3. Enter the TOTP

    • In the KDAN Member Center page, go to “Two-Factor Authentication” and click "Disabled >".
    • Open your authenticator app (e.g., Google Authenticator: [iOS] / [Android]), tap the '+' icon, and scan the QR code to link your DottedSign account.
    • Click "Next" on the KDAN Member Center page, enter the 6-digit code from your app, and click "Verify" to enable 2FA.


     

  4. Generate and Save Recovery Codes
    Once TOTP is enabled, five 8-digit backup codes will be generated for you. Use these as a vital backup option to sign in if your phone is lost or damaged.

    Note: These recovery codes are displayed only once and cannot be retrieved later. If lost, you will need to generate a completely new set. Please download or print these 5 codes now for safekeeping.


     

3. Logging in With Two-Factor Authentication

Once 2FA is enabled, the system will verify your identity every time you sign in. This verification process only takes a few seconds. Please follow the steps below to complete the 2FA verification:

  1. Enter your email and password on the login page. 
  2. When prompted, enter the 6-digit verification code from your authenticator app.
  3. If you can't access your TOTP code, click "Verify with recovery codes" and enter one of your saved 8-digit recovery codes. (Each recovery code can only be used once.)

Note: Entering an incorrect password, TOTP, or recovery code 5 times will trigger an account lockout. All logins will be terminated across all browsers and devices to protect your data. Your account will automatically unlock after 1 hour. You may then try logging in again.
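
The sign-in rules above, modelled as an added example (not DottedSign's or KDAN's code): single-use 8-digit recovery codes, a lockout after 5 failures, and automatic unlock after 1 hour. The class and function names are hypothetical, and resetting the failure counter on success is an assumption the page does not state.

```python
import hashlib
import hmac
import secrets

MAX_FAILURES = 5        # page: 5 incorrect entries trigger a lockout
LOCKOUT_SECONDS = 3600  # page: the account unlocks automatically after 1 hour

def new_recovery_codes(count=5, digits=8):
    """Five 8-digit codes, as on the page, drawn from a CSPRNG."""
    return [f"{secrets.randbelow(10 ** digits):0{digits}d}" for _ in range(count)]

def _digest(code):
    # Only digests are kept. 8 digits is a small space, so the lockout,
    # not the hash, is what bounds guessing.
    return hashlib.sha256(code.encode()).hexdigest()

class SecondFactorGuard:  # hypothetical name
    def __init__(self, recovery_codes):
        self._unused = {_digest(c) for c in recovery_codes}
        self._failures = 0
        self._locked_until = 0.0

    def try_recovery_code(self, code, now):
        """Return 'ok', 'denied' or 'locked' for an attempt at time `now` (seconds)."""
        if now < self._locked_until:
            return "locked"
        digest = _digest(code)
        match = None
        for stored in self._unused:
            if hmac.compare_digest(stored, digest):
                match = stored
        if match is not None:
            self._unused.discard(match)  # each code works exactly once
            self._failures = 0           # assumption: success resets the counter
            return "ok"
        self._failures += 1
        if self._failures >= MAX_FAILURES:
            self._locked_until = now + LOCKOUT_SECONDS
            self._failures = 0
            return "locked"
        return "denied"

if __name__ == "__main__":
    codes = new_recovery_codes()
    guard = SecondFactorGuard(codes)
    print(guard.try_recovery_code(codes[0], now=0.0))  # first use
    print(guard.try_recovery_code(codes[0], now=1.0))  # reuse is rejected
```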


4. How to Change Your Recovery Email (KDAN Member Center)

  1. In the KDAN Member Center, go to the "Security" page. Under “Recovery Email”, click "Edit", then click "Change".
  2. Enter your new recovery email and click "Save".
  3. If 2FA is active, enter your 6-digit TOTP code to verify your identity.
  4. Enter the verification code sent to your new email within 10 minutes, then click "Save".

Note: Once 2FA is enabled, a recovery email is required. You can change the email address, but you cannot delete it.

 

5. How to Remove 2FA

To remove 2FA, please follow these steps:

  1. In the KDAN Member Center, go to the "Security" page. Under “Two-Factor Authentication”, click "Enabled >", then click "Cancel".
  2. Enter your current TOTP twice or two recovery codes to verify your identity, then click "Confirm". Once verified, 2FA will be removed from your account.
  3. You can now manually remove the DottedSign account from your authenticator app.

Note: Once 2FA is removed, all your recovery codes will be automatically deleted.


 

6. FAQ and Troubleshooting

  • Account locked? 

    After 5 failed sign-in attempts, your account will be automatically locked. Check your account email for an unlock link to restore access. Alternatively, your account will be automatically unlocked after 1 hour.
     

  • Lost your phone or got a new phone? 

    Click "Verify with recovery codes" on the sign-in page and enter one of your saved 8-digit recovery codes.
     

  • Used up or lost your recovery codes? 

    If you used up or lost all of your recovery codes, you can generate a new set by completing TOTP verification. Please note that the previous recovery codes will be invalidated.

    Please go to the KDAN Member Center page, under “TOTP recovery codes,” click “Generate new code”, and enter the 6-digit verification code from your device to complete the TOTP verification. You will then receive a new set of recovery codes.

    If you are unable to access your TOTP verification code (e.g., due to a lost device), please contact the DottedSign Support Team for identity verification to restore your access.
     

  • Can I remove my recovery email? 

    No, a recovery email is required for accounts with 2FA to prevent lockouts. It cannot be removed entirely, but you can always update it to a different email address.
     

  • Why did my verification time out on the web version? 

    For enhanced security, our web sign-in incorporates a reCAPTCHA mechanism. After verifying your password, you have to enter your TOTP or recovery code within 10 minutes. If 10 minutes elapse, your verification session will expire, and you will be redirected to the login page to start over.
