To protect user accounts and improve platform security, FifthDomain is rolling out multi-factor authentication (MFA) for all users. MFA adds an additional step to the login process by asking you to enter a one-time six-digit code after providing your email and password.

MFA will become compulsory for all users from 12 January 2026. However, you can set it up now so that you're ready ahead of time. Once MFA is set up on your account, it becomes required every time you log in.

MFA provides a second layer of protection to make sure that only you can access your account. Even if someone else knows your password, they can't log in without your one-time verification code. This helps defend against password theft and unauthorised access.

Until MFA becomes compulsory, users who haven't set it up will still be able to log in using just their email and password. However, if you haven't set up MFA, a reminder banner will appear at the top of the screen after you log in.

This banner will appear on every page you visit, on both Participate and Manage modes, but it won't block your content. If you don't wish to act on MFA setup right away, you can always dismiss it.

If you do want to set up MFA, click the Set Up MFA Now button in the banner. This will take you to your Manage Profile page. From there, scroll down to the section called Multi-Factor Authentication (MFA) Preference.

You can also go to your Manage Profile page directly without using the banner. The setup options are the same either way.

Once you've clicked to set up MFA, you'll be asked to choose how you want to receive your MFA codes. You can either select to receive codes by email or use an authenticator app of your choice.

If you want to set up email MFA, select Email MFA as your preferred MFA method, then click Next and then Save. Once saved, no further setup is needed.

From the next time you log in, you'll get MFA verification codes to your email.

If you want to set up app MFA, choose Authenticator App MFA as your preferred method and click Next. You'll then see a QR code and instructions.
​

First, download an authenticator app of your choice from your device's app store. Once downloaded, open the app and scan the QR code on the screen to link the app to your FifthDomain account. After scanning, your app will start generating six-digit codes. Click Next when you're ready to finish app MFA setup.

To complete setup, enter the current code from your app. This step is required to confirm the app has been linked correctly. If the code is incorrect, you can try again. There is no limit on how many times you can retry this step while already logged in.

Once a valid code is entered, app MFA will be saved as your preferred method. From your next login, you will need to open your app and enter the current six-digit code after entering your email and password.

Once MFA is set up, each login will require you to enter a verification code after you enter your email and password. The code you receive will depend on whether you've chosen email or app MFA as your preferred method.

If you are using email MFA, the system will send a new six-digit code to your email. Simply enter the code then click Verify.

Email codes expire after five minutes. If the code has expired or hasn’t arrived yet, the code won't be successfully verified. You can request a new code by clicking Resend Code on the screen. If your email address is with Gmail, please note that there may be a short delay while Gmail performs additional security checks.

After three incorrect code attempts, your account will be locked for one hour, and you will receive an email about the lockout.

If you're using app MFA, the login screen will prompt you to enter the six-digit code from your authenticator app. Click Verify once you have entered the code.

The code will refresh automatically within the app of your choice. Similarly to email MFA, if you enter the wrong code three times, your account will also be locked for one hour.

If you're using app MFA but can't access your app for any reason, you can switch to email MFA during the login process. On the screen that asks for your MFA code, click Switch to Email MFA. Then, enter your registered email address.

After entering your email, your MFA method will be updated to email MFA. You'll be taken back to the login screen to log in again. This time, the platform will send a code to your email. Enter it to complete login.

Once switched, email MFA will remain your preferred method unless you change it again from your profile.

At any time, you can go to your Manage Profile page and update your MFA settings. In the Multi-Factor Authentication (MFA) Preference section, you can switch between email or app MFA.

Remember that if you're switching to app MFA, you'll need to link your app to your account. Click the Re-Link Authenticator App button to do this. You'll then need to enter a valid code from your authenticator app before the change takes effect.

Your most recently saved MFA method will be used the next time you log in.