Two-factor authentication (2FA) adds another layer of security to your Datamolino account.
When you log in to Datamolino, enter your email address and password, then enter an authentication code.
You can ask that we "remember your device" so subsequent logins are faster.
Cybercriminals are increasingly using phishing emails and other scams to try and get users’ login credentials and gain access to sensitive data. Two-factor authentication supplements the username and password model with a code that only a specific user has access to.
Please note: 2FA is optional for most users, but it’s mandatory
for all users that connect to an Australian Xero product.
This is to support the ATO's requirements for digital service providers
and Xero's add-on marketplace requirements.
(starting in September 2020)
How it works
After entering your email and password, you generate a code using an app on your phone, tablet or computer, then enter the code in Datamolino.
The app generates a new code every 30 seconds, so the code is different each time you log in.
No one else can log into your account, as you're the only one who knows your email and password and has access to your authentication device.
If you use the same computer and browser each time you log into Datamolino, you can choose to enter the code once every 30 days instead of every time you log in.
How to enable two-factor authentication in Datamolino
Click on your account name in the upper right corner and select "User profile"
Go to the Security tab and click Enable next to the section called Authenticator App
3. A new window will open that will guide you through the activation using an Authenticator App. See list of apps recommended by Xero.
4. Use the Authenticator App to scan the QR code and enter the resulting 6 digit code into Datamolino and click Verify code.
6. Please save the provided backup codes so you can recover your account in case your 2FA device is not available. These three unique backup codes will only be generated and displayed once.
Important note: In case, you no longer have access to your device with authenticator app installed, entering the back up code is the only way how to login to your Datamolino account again. Please make sure that you store this back up code securely.
Your two-factor authentication is now enabled and your account will now require email, password and the verification code generated by your authenticator application to log in.
7. You can choose to trust your browser when you enter the verification code. This will simplify the login experience if you use the same computer when using Datamolino. Please do not choose this when you share computers.
The authenticator app
If you already use an authenticator app, add another account to it for your Datamolino login. If you don't have one already, there are some industry-standard ones that Xero recommends.
Alternatively, search for 'authenticator' in your device's app store. The apps are free, and there are a few options you can choose from.For increased security, we recommend downloading the app to a different device than the one you use to access Xero.
How it works
Although you use a third party app to generate the codes, the app doesn't connect to your Datamolino account and there's no transfer of data between them.
The app automatically generates new codes, and doesn’t need a network connection or mobile signal to do this.
Datamolino generates the same codes, so when you enter the code from your app, it matches Datamolino, verifying it's you logging in. Both codes are generated using the same secret key that's unique to you.
When you set up 2FA, enter the key into your app by scanning a barcode or entering it manually. If you need to re-generate a code, you need to disable 2FA, then set it up again.
The codes are time-based, so make sure the time on your authenticator device is in sync with Datamolino. Let your network provider set the time automatically on your device to prevent getting an out-of-sync or invalid code error.