Skip to main content

Domains Help

What is OTP?

A one-time password (OTP) is an extra layer of security we use to verify your identity. Accounts with 2-step verification won't need to use an OTP for identity verification. We'll ask for this verification when you complete certain actions on a domain with domain protection to shut down domain hackers and malicious transfers.

How does OTP work?

Certain domain actions can't be completed until your identity is verified when your domain has upgraded domain protection. We'll send the verification code via SMS or an authenticator app if you've had 2-step verification (2SV) enabled for at least 72 hours. Otherwise, select Send Password and we'll send a one-time password to your registrant email address.

When will I get an OTP?

We'll send a verification code or OTP if you're trying to complete any of these actions on a domain with domain protection:

OTP limitations

There are a few limitations you'll need to be aware of to keep your domain protected.

  • Your OTP code is only valid for 60 minutes after it's been requested.
  • You are limited to requesting 5 one-time passwords in a 7 day period per domain action (listed above) per domain.
  • If you enter an incorrect password 3 times, you'll be locked out of that action on that domain for 24 hours.

Where will I get the OTP?

We'll send the OTP to the Registrant email address listed on your domain name. This is an additional layer of security to protect your domain name from malicious takeover attempts.

Where can I view or update my Registrant email address?

You can view all contact information, including the Registrant email address associated with the domain, in your GoDaddy account.

Related step

More info