Start the Comet Server background service.
Once Comet Server has started, you should be able to load the Comet Server web interface in your web browser, and then log in using your configured credentials.
The default web address is
The default username and password are both
admin. There is no default two-factor authentication code.
Web browser compatibility
The Comet Server web interface supports all recent desktop and mobile web browsers.
The Comet 23.3.x series was the last release to support Internet Explorer. Internet Explorer no longer receives security patches from Microsoft and is unsafe to use on the public internet.
The Comet 18.8.x series was the last release to support Internet Explorer 8. IE 8 no longer receives security patches from Microsoft and is unsafe to use on the public internet.
Safari and "Ghostery" extension
If you experience an error logging in to the Comet Server web interface with the Safari web browser, please check whether the "Ghostery" browser extension is installed. The Safari version of this extension has not been updated in several years and prevents the use of the Comet Server web interface. Updated versions of this extension are safe to use on other web browsers.
Once you are logged in, you can log out at any time by using the "Log out" option in the user menu in the top right corner.
Web-based login sessions will expire after 30 minutes of inactivity. After this inactivity timer expires, the Comet Server will refuse any requests from the web interface. The session timeout can be modified on the Settings page.
Comet Server uses universal time (UTC) internally for all time calculations. A single worldwide instant can be displayed in any local timezone.
When you log in to the web interface, all times displayed (e.g. backup job start / stop times) will be converted to your browser's timezone (which is inherited from your operating system timezone).
All table views in Comet Server have the following features:
The "Show ## entries" dropdown in the top-left corner of a table allows you to choose the number of rows that are displayed in the table. By default, only the first 15 items are displayed in a table.
You can switch between pages of the table by using the page selector in the bottom-right corner of the table.
Your current page is displayed in the bottom-left corner of the table.
The "Filter..." text field allows you to enter text that will be used to filter the result set in the table. The search filter is applied in realtime as you type.
You can export the contents of any in table in Comet Server.
The following export formats are supported:
- the clipboard, with tab-separated columns
- a CSV (Comma Separated Values) file
- an Excel (
You can use the column selection icon to choose individual columns to hide. It may be possible to show additional information in a table by enabling a column that was hidden by default.
The My Account page allows you to view and change basic details about your Comet Server administrative login account.
Configure two-factor authentication
Two-factor authentication is an additional layer of protection for your Comet Server administrative login account. When this feature is enabled, an additional device (such as a cellphone app, or a hardware token) is also required to log in to the web interface. This means that a stolen password is insufficient to break into the web interface.
If you have any external API integrations that are accessing Comet Server using your user account, this may prevent that functionality. In order to continue using the API simultaneously with protecting your account with two-factor authentication, you should create an additional separate administrator user account exclusively for API usage, with a long randomly generated password.
The Comet Server application supports two-factor authentication for administrator accounts in compliance with the TOTP standard. This standard describes a six-digit code that changes every 30 seconds.
You can enable TOTP-based two-factor authentication for your account as follows:
- Click the "Regenerate TOTP code" button
- Scan the displayed QR code with any TOTP application.
- At the time of writing, we recommend the following applications:
- Configure Comet Server so that a TOTP code is required to log in to the web interface.
- For more information, see the "Comet Server configuration" document > "Admin accounts" section.
Comet Server supports using a WebAuthn authenticator as two-factor authentication for administrator accounts. This includes the following authenticator types:
- CTAP1/CTAP2-compatible hardware security keys (e.g., a YubiKey)
- Any U2F-compatible hardware security keys can be seamlessly used with WebAuthn
- Android devices using screen lock authentication (e.g., fingerprint or PIN)
- Windows Hello (e.g., fingerprint, facial recognition, or PIN) on Windows devices with a valid TPM
As of Comet 21.12.1, Comet Server does not support using Apple Face ID or Apple Touch ID as a WebAuthn authenticator.
WebAuthn registration and login are only available if your Comet Server is using HTTPS.
WebAuthn is supported in all major modern browsers. WebAuthn is not available in Internet Explorer 11.
You can enable WebAuthn-based two-factor authentication for your account as follows:
- Click the green "+" button in the FIDO2 WebAuthn table
- Select the authenticator you would like to use, if prompted
- If only one authenticator is available on the device you are using, you won't be prompted
- Follow the on-screen prompts on your device to allow the Comet Server web interface to access and use your authenticator
- Close the WebAuthn registration dialog. If the registration succeeded, the newly-registered authenticator should be displayed in the WebAuthn table
- Enable WebAuthn two-factor authentication at login by toggling from "Not required" to "Required" and clicking the "Save changes" button
Prior to Comet 21.12.1, Comet supported FIDO U2F for two-factor authentication. U2F is no longer available from Comet 21.12.1 onwards, as it is deprecated and will be removed from the only major browser supporting it by default, Google Chrome, in Google Chrome 98 (expected in February 2022).
Comet Server's WebAuthn implementation is fully backwards-compatible with existing U2F registrations. Existing U2F registrations will be automatically migrated to WebAuthn registrations when Comet Server is updated to Comet 21.12.1; this upgrade process does not require any manual intervention by an administrator. If U2F was enabled for login for an admin user, WebAuthn will automatically be enabled.
You can select this checkbox to enable some additional features in the Comet Server web interface.
The exact functionality is subject to change, and mostly covers highly technical and/or uncommon functionality, that may be useful in specific situations.
As of Comet 21.12.8, the following features are enabled:
|Page location||Advanced action|
|All users page||Bulk replace addresses|
|User detail page||Edit raw profile|
|User detail page||Login as user|
|Add user dialog||Create multiple accounts by CSV|
|Live connected device actions dialog||(Multiple actions)|
|Restore dialog||Delete single snapshot (>= 19.12.2)|
|Restore dialog||View snapshot IDs (>= 21.12.8)|
|Policy page||Edit raw policy|
|Client News page||Remove all|
|About this Server page||Shut down server|
|About this Server page||Restart server|
|About this Server page||Edit raw settings|
If the Authentication role was enabled, the "Accounts" menu should appear when logged in, containing "Users" and "Job history" entries.
The "Add user" button allows you to create a new customer account.
On a Comet Server with the Authentication Role enabled (default), take the following steps:
- Select the "Users" menu item > "Add user" button
- Enter a username and password
- click the Add User button
If the account was created successfully, it is then possible to install and log in to the client software as this user.
There are some character and length restrictions on the username and password. For details, see the "Username and Password" section in the "User configuration" document.
Modifying user account properties
For more information about modifying an existing account, please see the "User configuration" section.
Copy and Paste
Comet Server allows you to copy and paste Protected Item configurations, between users or devices. To perform this action, on the user page > Protected Items tab, click the "Copy" link on the right-hand side.
A "Paste" button appears in the top bar, allowing you to paste this configuration into any device. You can also navigate to a different user and paste the protected item.
Copying and pasting a Protected Item does not copy nor share any backup data nor encryption keys between the accounts or devices.
Storage Vault analysis
A Storage Vault can contain data from multiple Protected Items, all deduplicated together. It is possible to analyze the content of a Storage Vault to see how the data usage is distributed between different Protected Item sources and how much deduplication is being applied.
On the user page > Storage Vaults tab, the value in the "Stored" column may be a blue link. If so, clicking this link opens a dialog window displaying information about the storage breakdown.
Current = The most recent backup job for that Protected Item within that Storage Vault. Historic = The accumulated backup jobs for that Protected Item, except for the most recent one.
The analysis is generated as part of a retention pass. Because retention passes only run when necessary, the analysis information may become outdated by a few jobs; or, no analysis may yet be available for a newly created Storage Vault. In this case, the "Stored" column will be black and cannot be clicked.
You can regenerate the analysis by running a Retention Pass for this Storage Vault, via the Devices tab or the "Connected Devices" page.