Recover access to your account
Recovery methods are used when you have lost your login or password. They do not override any secondary account security settings. You will still need to contact Gandi's Customer Care team regarding these security features.
If your account is simply password-protected, you can still recover access to your account yourself.
Email Recovery
The email recovery feature allows you to send an email containing a validation code to one of the addresses you have saved on your account. These email addresses are chosen "randomly" during the recovery procedure, so you'll need to make sure you have easy access to the ones you've added, ideally at all times.
You can have up to 5 email addresses linked to your account recovery.
Adding an address
To add a recovery address, click on your username in the top right-hand corner of your account administration, after logging in.
- Choose "Settings",
- Go to the Login and Security Management section at the bottom of the page and click on the "Account and Security" button.
- On the next page, select "Recovery options".
- Under the Email Recovery heading, click on the "Add Email" button.
- Enter your email address and then confirm your selection.
- Check your email client: an email containing a code to enter on the interface should arrive shortly.
- Confirm the code.
Email address status
There are only 2 possible statuses for recovery email addresses: - VALIDATED: the address has been validated by the code that is sent to you, and is active. It can be used in the account recovery process. - PENDING: The address has not yet been validated. It therefore cannot be used in a recovery process.
Operations regarding email addresses
Depending on the status of the address in question, you have two possible courses of action: - Delete it, via the red "Trash" icon. Both validated and pending addresses can be deleted. - Resend the verification code, via the "Paper plane" icon. This will send a new email containing a validation code and display a window for entering the code.
Important note
You will not be able to delete the last remaining email address to avoid blocking the recovery of your account, as this is Gandi's default recovery method.
Account Recovery via QR Code
If you're using a cell phone (smartphone), the QR Code account recovery option is your best bet. Just scan a previously saved QR Code as a validation step in the recovery process.
You can only have one active QR Code per account.
Adding a QR Code
To add a recovery QR Code, click on your username in the top right-hand corner of your account administration, after logging in.
- Choose "User Settings",
- Go to the Login and Security Options section and click on "Recovery options".
- Under the Recovery by QR code heading, click on the "Generate a QR Code" button.
The system will then open a new tab or page in your browser with a PDF displayed containing your recovery QR Code. You can save the PDF for later, or print it out. Either way, save it in a safe place!
All you have to do is "scan" it during a recovery process, when you're prompted to do so.
QR Code operations
You can delete the QR Code you've generated should you lose it. Once deleted, you'll be able to generate a new one. Keep in mind that the code is different each time it is generated.
Note
Depending on your browser settings, you may only be prompted to save the PDF file.
Recovery via a security key
"Security keys" refers to a series of physical devices (such as FIDO or YUBI keys) that connect to your computer to act as an "authenticator" for the recovery of access to your account. There's no limit to the number of security keys you can have linked to your account, but remember that you must "potentially" have access to all of them should you need to recover access to your account.
Security keys are managed both for double authentication (MFA) when logging in to your account, and as a validation step when retrieving your account. They are therefore managed in two ways on our interface.
Adding a security key
To add a physical security (recovery) key, after logging in, click on your username in the top right-hand corner of your account administration.
- Choose "User Settings",
- Go to the Login and Security Management block at the bottom of the page and click on the "Account and Security" button.
- On the next page, select "Recovery options".
- Go to Recovery by Security Key.
- Click on "Add security key".
A window will open, asking you to choose a name to identify this key. You'll also see two checkboxes:
- "Use this key every time I log in" (or "MFA"). The key you add will also be used as a second authentication to log in. This box is unchecked by default.
- "Use this security key as a recovery option". This is the feature in question, so it's checked by default.
Click on "Continue". Depending on your browser, it's highly likely that a window will open requesting authorization to "read" your key via the browser. Click on "Continue" (or "Authorize" depending on your browser), then press the key button.
Once the key has been registered, you'll see a confirmation message. Click on the "Let's go" button. Your key will appear in the list, with a "Recovery" tag next to it. Your key can now be used in the account recovery process.
Security key operations
- Delete: Use the "Red garbage can" icon to delete this key, which will no longer be used for account recovery.
If you see an "MFA" tag in addition to the "Recovery" tag next to a key, this means that it is also used for double authentication. In such a case, deletion will only remove the recovery "role" from your key. It will remain available for double authentication. To remove it entirely, you'll need to manage it from the "Authentication options" section of your account settings.
- Activate account recovery with this device ("➕" icon). If you've already enabled a security key for dual authentication, it will appear in the list and you can add the recovery "role" to it by simply clicking on the "plus" icon. (It is not necessary to insert the key for this operation).
Note
If you also want to use one or more of the keys saved in account recovery as a second authentication factor, you'll need to do so from the "Authentication options" section of your account settings.