Two-factor Authentication

Two-factor authentication is a means of identifying a user through two separate pieces of information or identification. For ARIN Online, these two pieces are your account password and a one-time password generated using a third-party mobile authenticator. By combining proofs of identity that an unauthorized user is unlikely to possess, two-factor authentication provides an increased level of security for ARIN Online users.

Enabling Two-factor Authentication

  1. Obtain a compatible third-party mobile authenticator
    • You can use any third-party mobile authenticator with your ARIN Online account, so long as it meets the requirements set forth in RFC 6238. ARIN tested its two-factor authentication functionality using the following third-party authenticators:
      • Google Authenticator
      • Salesforce Authenticator (formerly known as Toopher)
      • FreeOTP
  2. Log in to your ARIN Online account and select Settings from the menu under your name.
  3. In the Security Info section, choose Manage Two-Factor Authentication from the Actions menu.
  4. Choose Enable 2FA.
  5. Confirm your choice. The next window displays a message that two-factor authentication is enabled, and allows you to set up your authenticator.

To configure the authentication:

  1. Open your third-party authenticator application. Choose one of the following:
    • Enter the 16-character key that is displayed in ARIN Online into your authenticator application; or
    • Choose Show QR Code and scan the code with your authenticator application.
  2. Your authenticator should start providing time-based six-digit codes. To test your authenticator, enter the time-based code into the field in ARIN Online and choose Verify Your Code. If successful, the system displays a message that your code was verified.

two factor authentication screen showing code was verified

After two-factor authentication is enabled, ARIN Online will request that you enter a time-based code provided by your authenticator every time you log in to ARIN Online. After entering your username and password into ARIN Online, you’ll need to enter the code from the authenticator and choose Continue.

When you configure two-factor authentication for the first time in ARIN Online, the Setup page will also display an Emergency Reset Code that can be used if you lose access to your authenticator. You can enter this code to remove two-factor authentication from your account and log in to ARIN Online.

two factor authentication screen showing emergency reset code

Important: Save the Emergency Reset Code in a password management tool, print it out, or write it down and store it in a safe place. This code will only be displayed once.

Refreshing Your Two-factor Authentication Key

To receive a new two-factor authentication key (for example, if you are using a new authenticator):

  1. Log in to your ARIN Online account and select Settings from the menu under your name.
  2. In the Security Info section, choose Manage Two-Factor Authentication from the Actions menu.
  3. Choose Generate New Key/QR Code. Follow the steps in Enabling Two-factor Authentication.

You will not be able to recover your previous two-factor authentication key, and you will need to synchronize your authenticator with the new key.

Disabling Two-factor Authentication

If you can access your third-party authenticator:

  1. Log in to your ARIN Online account and select Settings from the menu under your name.
  2. In the Security Info section, from the Actions menu, choose Manage Two-Factor Authentication.
  3. Choose Disable 2FA.
  4. Confirm your choice.

If you cannot access your third-party authenticator, follow the instructions in Lost Access to Your Authenticator.

Lost Access To Your Authenticator?

If you have lost access to your third-party authenticator and cannot log in to your account, but you do have your 31-character Emergency Reset Code:

  1. Enter your username and password to log in to your ARIN Online account.
  2. When prompted to enter your two-factor authentication code, choose Lost access to your authenticator?
  3. In the Reset Code Field, enter your 31-character Emergency Reset Code.
  4. You will be sent an email containing a link to disable two-factor authentication. Click the link or copy and paste it into your web browser.

If you cannot log into your account and you do not have your 31-character reset code:

  1. Call ARIN Registration Services at +1 703-227-0660, Monday - Friday, 7:00 AM - 7:00 PM.
  2. Provide the answers to your account security questions.