How to protect your Amazon account with two-step verification (2SV)

Protect your Amazon account with an extra layer of security.

David bisson
David Bisson
@
@DMBisson

How to protect your Amazon account with two-step verification (2SV)

As part of my ongoing series on two-step verification (2SV), I recently showed you how you can branch out a bit.

Specifically, after walking you through the steps on how you can protect your Google, Apple, Yahoo!, Facebook, Twitter and Dropbox accounts with this additional layer of security, I shifted to securing those web accounts that contain your financial information. I began with PayPal. Let’s now tackle a popular e-commerce website: Amazon.

In this guide, I will show you how you can protect your Amazon.com account with two-step verification.

Sign up to our free newsletter.
Security news, advice, and tips.

1. Sign into your Amazon.com account using a web browser.

2. On the Amazon homepage, you will see near the top right of your screen the text, “Hello, [Your Name].” Displayed beneath that friendly greeting is the hyperlinked text “Your Account” in bold. Click on that hyperlink.

Amazon 1

3. You will be directed to Your Account page, where you have the option of checking on the status of your orders, managing your payment options, changing your password, accessing your digital content, and lots more! For now, we’re interested in one thing: changing your account settings so that you can enable 2SV.

With that in mind, scroll down to the “Settings” section. (It should be the third section listed on the page.) Under the bolded “Account Settings” subsection, click on the hyperlinked text “Change Account Settings.”

Amazon 2sv 2

4. Before you can access your account settings, Amazon might prompt you to reenter your login information. Do so and click the “Sign in” button.

5. On your “Change Account Settings” page, you will see your name and email. You can use this page to add a mobile number, change your password, or manage your account’s advanced security settings. That last option is the one we want, so click on the “Edit” button in the “Advanced Security Settings” table cell.

Amazon 2sv 3

6. Amazon’s advanced security settings consist wholly of two-step verification. As a result, you will be directed to a page that explains how 2SV works and how it can protect your account.

On that page, you will see a “Get Started” button. Click on that button.

Amazon 2sv 4

7. You will now need to complete three steps to enable 2SV on your Amazon account. Step 1, you will need to choose by which method you would like to receive verification codes. You can select either text message (SMS) or an authenticator app like Google Authenticator. We will go with the former.

Enter your mobile phone number into the designated text field and click on the “Send code” button. Doing so will send a verification code to your mobile phone. Once you have received that text message, enter the code into the other designated text field and click “Verify code and continue.”

Amazon 2sv 5

8. For Step 2, you will need to add a backup phone by which you can receive verification codes via text message (SMS), phone call, or an authenticator app. The verification process is exactly the same as the one in Step 7. Replicate that process with a trusted backup phone number.

Amazon 2sv 6

9. As the final step, Amazon will notify you of two important elements you should consider before enabling 2SV on your account.

The first is the fact that some devices do not display a second screen allowing you to enter in a verification code. This could potentially lock you out of your account. To address that issue, Amazon will walk you through a work-around.

The second is the option that you can “trust” the computer or device you are using to register 2SV. That will disable receiving codes whenever you attempt to log into your account on that device alone. (Should anyone attempt to log in from a non-trusted device, you will still receive a code.)

For the purposes of this walkthrough, we will skip that option and click the “Got it. Turn on Two-Step Verification” button located near the bottom of the page.

Amazon 2sv 7

10. And you’re done! You will be redirected back to your “Advanced Security Settings” page, where you will be notified you have successfully enabled 2SV on your account. You can now use this page to manage your 2SV settings, including your primary and backup mobile phone numbers.

Now whenever you attempt to log in, you will be brought to this page after entering in your username and password:

Amazon 2sv 8

Simply enter in the SMS verification code, click on the “Sign In” button, and you will automatically be directed to the Amazon homepage.

Read more:


David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

16 comments on “How to protect your Amazon account with two-step verification (2SV)”

  1. IanB

    Doesn't currently work on Amazon.co.uk – there's no advanced settings option.

    1. Graham CluleyGraham Cluley · in reply to IanB

      In this article, John Dunn of Techworld explains a method by which Amazon UK customers can still benefit from two step verification: http://www.techworld.com/security/how-brits-can-enable-amazon-two-factor-authentication-security-now-3631955/

      1. AlainCo (@alain_co) · in reply to Graham Cluley

        sorry, I did not see your comment.
        In france problem seems the same as in UK.
        Probably solution is same, but i did not test.

      2. Thomas · in reply to Graham Cluley

        Thanks for that. I'm another amazon.co.uk customer. One thing though…creating a password for the .com account makes that the password for my amazon.co.uk and amazon.de accounts as well. Same password on multiple sites? Bad form! At least I have the 2SV set up.

    2. Richard Heider · in reply to IanB

      It also does not show up on amazon.de.

      However, once I activated it for my account at amazon.com, it was also activated at amazon.de and the option did suddenly show up in the menu.

      => Workaround: go to amazon.com to change the setting.

      1. GordonL · in reply to Richard Heider

        Thanks Richard -that worked fine. Took me a few minutes to find "UK +44" in the dropdown for secondary phone number. Even better, my desktop doesn't require 2SV as it is now trusted, but every other device out there does -sweet!

      2. Sean Durrant · in reply to Richard Heider

        Thanks Richard. Logging into Amazon.Com and setting it up seems to have worked for me also.

  2. AlainCo (@alain_co)

    Thanks for those numerous how to and advices.
    Note that on amazon.fr it seems that there is no such 2SV option.
    account settings propose mobile phone number, but nothing like 2SV

    I imagine this is not the only local amazon with such difference.

    1. David L · in reply to AlainCo (@alain_co)

      Hi, you should read thru the comments again, as I believe the one above about Amazon.de will be helpful. Or mine below if you are trying to do this only on a mobile device.

  3. Alan R. Parker

    I did have the UK based version with 2sv until about a month ago, at which point I had to disable it. The android app giving me the code failed 80% of the time to give me a code the amazon prompt would accept so I kept having to get a code sent over sms instead.

  4. David L

    For those trying to do this on mobile, once you sign in,scroll to the bottom of page, tap "full site" then follow the directions layed out in the article.

    The mobile page only allowed adding your mobile number, but did not activate 2 factor sign in.
    This was for US mobile phone, on Sprint, and should be similar on other networks, and finally, I used the Chrome browser, since it has no add-ons,or extensions to interfere with the process.

  5. David L

    Oh I almost forgot! Thanks David B, for the reminder, as I have virtually all other accounts protected by 2 factor, and now will have to see if I forgot any others.?

    Once you use 2 factor on a regular basis, it's like automatically putting on your seatbelt or whatever you call it across the pond, lapbelt, perhaps? It's the law over here and becomes just as natural as putting the key in and starting the car.

  6. Emma

    Thanks for taking the time to write these clear instructions for those who don't quite understand how it all works. But what about the information presented in this archived article from last November? Has this issue been resolved? I have not enabled 2SV on my Amazon account for this reason alone. https://grahamcluley.com/amazon-account-security-problem-uncovered/

  7. Andy

    How does enabling 2SV impact the Amazon Instant Video app on smart TVs? I presume you would need the second step only when first entering your credentials into the app?

  8. Heather

    Thanks for this – works a treat.

  9. Jim Goodyear

    Your Amazon UK account does not offer the 2 step verification process; so ,in the browser heading change 'amazon.co.uk' to 'amazon.com' and then sign in and the 2 step verification process, as above, can be followed
    It works, i've just done it !!

Leave a Reply to Graham Cluley Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.