Two-Factor Authentication Using a Security Key

Two-factor authentication refers to the security practice of requiring two different types of verification to prove your identity. When you activate two-factor authentication on your Gandi account you will provide both your regular password and an additional code generated either from an app–usually on your mobile device (TOTP), or from a USB device you plug into your computer (U2F).

This page focuses on security keys. You can read more about TOTP here.

How Security Keys Work

“Security key” refers to a collection of physical devices which you connect to your computer to act as a secondary authentication of identity on an account. To use a security key you need to have purchased a physical device which you will then need to have with you every time you log in to your Gandi account. You will plug the key into your computer to verify your identity each time you log in to Gandi.

Gandi supports both U2F and WebAuthn compliant software devices. This includes, but is not limited to FIDO U2F security keys (such as Yubico keys), Ledger and other security wallets, and Apple Touch ID.

Activating Your Security Key

In order to use a security key the browser you use must support the appropriate software for the key you have purchased. Please check with your security key manufacturer to make sure that you are using a browser that supports your device. If you are using Apple Touch ID on a laptop, make sure that you have activated Touch ID and provided a fingerprint before attempting to add it to your account.

If you are using a device which uses the WebAuthn standard, you can visit this page to make sure your broswer supports it.

Activate your security key for your Gandi account by following these steps:

  1. Own or have permanent access to a hardware security device and verify that you have done any necessary set-up.
  2. Log in to your Gandi account.
  3. In the top right corner of the page click the arrow next to your username.
  4. Click “User Settings.”
  5. Click “Change password & configure access restrictions.”
  6. Click “Manage your security key authentication.”
  7. Carefully read the instructions, then click “Add a new key when you are ready.
  8. Provide a name for your key then click “Continue.”
  9. Plug in your security key. Or, if using Apple Touch ID select it when prompted by your browser.
  10. If the security key has a button please press it.
  11. You may see a dialog box asking you to give permission to interact with the key. If you see this box, confirm it.

The key should now appear in the list of installed keys on the page for your use next time you log in to your account.

Blocked Account

If you have lost access to your security key and are locked out of your account, please contact our support team. You will then need to send them a copy of this form to regain access to your account.