DMARCER
Sign in

Setting up multi-factor authentication (MFA)

How to switch on multi-factor authentication (MFA) for your DMARCER sign-in, keep your recovery codes safe, and what to do if you lose access to your authenticator app.

Published 29 Jun 2026 1

Multi-factor authentication (MFA) adds a second step when you sign in, so your account stays protected even if someone learns or guesses your password. DMARCER uses a one-time code that changes every 30 seconds: after you type your password, you also enter a 6-digit code from an authenticator app on your phone. This article explains how to turn MFA on, how recovery codes work, what happens when you sign in, and a few things to watch out for.

What MFA does on your account

MFA is set up by each person individually, not for the whole company at once. Everyone who signs in looks after their own MFA from their own profile. Once you are set up, every sign-in asks for your password and then a 6-digit code from your authenticator app. You can use any app that generates these codes, for example Google Authenticator, Microsoft Authenticator, Authy, 1Password or Bitwarden.

Whether MFA is optional or compulsory depends on the policy your company has chosen. There are three settings: Required (everyone must set up MFA before they can use the app), Optional (you can choose to set it up) and Disabled (you can still set it up if you like, but you will not be asked for a code when you sign in).

How to enable MFA

You set MFA up from your profile. If your company's policy is Required and you have not set it up yet, DMARCER takes you straight to the setup page after you sign in, and you will not be able to carry on into the app until you finish.

  1. Open your profile (the account menu) and find the multi-factor authentication section. If MFA is off, select Set up MFA.
  2. On the Enable multi-factor authentication page, under "1. Scan with your authenticator app", scan the QR code with your authenticator app. If you cannot scan it, select "Can't scan? Type the key in instead" and enter the key shown (use the copy button to copy it without spaces).
  3. Under "2. Confirm the code", enter the current 6-digit code from your app into the 6-digit code field. The code changes every 30 seconds.
  4. Select Verify & enable MFA. DMARCER checks the code and turns MFA on.
  5. Save the 10 recovery codes shown on the next page (see below), then select the button to continue to your dashboard.

[Screenshot: the Enable multi-factor authentication page showing the QR code on the left and the 6-digit code field with the Verify & enable MFA button on the right]

Recovery codes

When you finish setting up, DMARCER gives you 10 single-use recovery codes. Each code lets you sign in once if you lose access to your authenticator app, for example if your phone is lost or replaced. This is the only time the codes are shown: DMARCER keeps them in a scrambled form that cannot be read back, so not even our support team can look them up for you later.

  • Use Copy all, Download as .txt or Print to save the codes somewhere safe, such as a password manager.
  • Each code works only once. A recovery code looks like ABCDE-12345.
  • Your profile shows how many codes you have left (for example 7 / 10) and lets you know when you are running low (3 or fewer).
  • To get a fresh set, use Regenerate recovery codes on your profile. This cancels your previous codes and gives you 10 new ones. Your authenticator app keeps working and does not need to be set up again.

What happens at sign-in

After you enter your password, the Two-factor authentication page asks for the current 6-digit code from your authenticator app. Enter it and select Verify & sign in. If you cannot get to your app, select "Use a recovery code instead" and enter one of your saved recovery codes; "Use a 6-digit code instead" switches back. The prompt stays open for a few minutes, so if it times out you can simply sign in again. If you have MFA set up, resetting your password will also ask for a 6-digit code or a recovery code before it goes through.

Turning MFA off

You can turn MFA off from your profile, as long as your company's policy allows it. Select Disable MFA and enter your current password to confirm, which is just a quick check that it is really you. Turning MFA off removes your recovery codes, and you will no longer need your authenticator app.

If your company's policy is Required, the Disable MFA option will not be available. In that case, please contact your company administrator or DMARCER support to change the policy before MFA can be turned off.

Common pitfalls

  • Code not accepted? The most common reason is that the clock on your phone has drifted. Check that your phone's time is set automatically, then enter the next code your app shows.
  • Do not scan the QR code again to "set up again" while MFA is already on. If you open the setup page when you are already set up, DMARCER sends you back to your profile so your existing app is not accidentally disconnected. If you want a fresh start, regenerate your recovery codes, or turn MFA off and then set it up again.
  • Save your recovery codes before you leave the codes page. They are shown only once and cannot be recovered afterwards.
  • If you lose your phone but still have a recovery code, use it to sign in, then set up your authenticator app again. If you have lost both your phone and all your recovery codes, please contact your company administrator or DMARCER support.
  • If your company's policy is Disabled, setting up MFA will not ask you for a code when you sign in. That is normal: you can still set it up so you are ready if the policy changes later.

Was this article useful?

Be the first to vote.
Got feedback for our team? Send us a comment

Related articles

Updating your profile

Your Profile is your own personal page in DMARCER, where you can update your name, change your password and manage multi-factor authentication. This guide walks you through each part.