Protect your Amazon account with Two-Step Verification

Two-Step Verification is a popular method to improve the security of accounts by adding another verification step to the authentication process.
It blocks attackers from accessing the account with the password alone, as they need the second code as well for that once Two-Step Verification is enabled.
Companies like Google, Twitter or PayPal use two-factor authentication already, and Amazon is the latest to introduce the feature for Amazon accounts.
The feature is being rolled out in the United States as we speak which means that you need to enable it on the US site to make use of it.
It will work with regional Amazon sites afterwards as well though.
Note: You may not need to perform the first step to enable Two-Step verification. Skip it and go directly to Step 2 below instead to give it a try.
Caution: There seems to be no option to create passwords for devices that don't support Two-Step authentication. It is unclear right now how those are handled and if they continue to work after enabling Two-Step Verification.
First thing you need to do is add a mobile phone number to your account. This is best done on the local Amazon site and not Amazon.com unless you are from the United States.
The reason for this is that users are reporting currently that verification SMS are not reaching their phones when they are using the main Amazon site. It works for some though but it is better to use a local site for that as you won't run into this issue.
Step 1: Adding a mobile phone number to your Amazon account
- Open the local Amazon website in your browser of choice, e.g. https://www.amazon.com/.
- Select "Your Account" on the frontpage.
- Select "Change Account Settings" on the next page. You find the option under Settings on the page (third from top).
- Sign-in to your Amazon account if you have not done so already.
- Locate the "mobile Phone Number field" and select add or edit depending on what is being displayed there.
- Pick the right country code and enter your phone number afterwards.
- Click continue and wait for the message to arrive on your phone. You may resend it or edit the number if you made an error.
- Enter the code that you have received and submit it on the Amazon website to verify the mobile phone number.
Step 2: Turning on Two-Step Verification
Now that you have added a phone number to your Amazon account, you may enable Two-Step Verification for the account as well.
Note: Codes are either sent to the device through SMS or generated directly on the device using a compatible authenticator application.
- Visit the Amazon Account Settings page again (as described above).
- Select the edit button next to "Advanced Security Settings". This opens the wizard to enable two-step verification.
- Click Get Started on the next page.
- Select one of the two verification options.
- Method 1 requires a mobile phone. Enter it and click on the send code button to receive a verification code via SMS. Enter that code and click on the verify code button.
- Method 2 requires the use of an authenticator app like Google Authenticator or Authy.
- If you select Method 2, you still need to add a phone number as a backup method. This time however, you may select between SMS or voice call.
- Once that is out of the way, you are taken to the final step of the process. Amazon explains how Two-Step Verification works.
The process itself is similar to how authentication works on other online sites supporting Two-Step Verification:
- Sign in using your email address or phone number, and password in step one. This works on all Amazon sites.
- You receive a code via SMS or need to open the Authenticator app to see the current code.
- Enter the code in the second step.
- Optionally, enable "don't ask for codes on this device" to avoid having to enter codes on the device in the future.
Finally, click on the "got it. Turn on Two-Step Verification" button to enable the feature for your Amazon account.
Disable Two-Step Verification on Amazon
Disabling Two-Step Verification is a quick process.
- Open the Amazon Account Settings again and sign in if you have not done so already.
- Select the edit button next to "Advanced Security Settings".
- Scroll down on the page and click on "disable Two-Step Verification".
- Confirm that you want to disable Two-Step Verification.
Note: Once you have enabled Two-Step Verification on Amazon.com, options to manage the feature become available under Account Settings on regional Amazon sites as well.

Martin, I would appreciate that you do not censor this post, as it’s informative writing.
Onur, there is a misleading statement “[…] GIFs are animated images …”. No, obviously you don’t seem to have take much notice of what you were told back in March regarding; Graphics Interchange Format (GIF).
For example, https://www.ghacks.net/2023/03/31/whats-gif-explanation-and-how-to-use-it/#comment-4562919 (if you had read my replies within that thread, you might have learnt something useful). I even mentioned, “GIF intrinsically supports animated images (GIF89a)”.
You linked to said article, [Related: …] within this article, but have somehow failed to take onboard what support you were given by several more knowledgeable people.
If you used AI to help write this article, it has failed miserably.
AI is stupid, and it will not get any better if we really know how this all works. Prove me wrong.. https://www.youtube.com/watch?v=4IYl1sTIOHI
Martin, [#comment-4569908] is only meant to be in: [https://www.ghacks.net/2023/07/09/how-to-send-gifs-on-iphone-two-different-ways/]. Whereas it appears duplicated in several recent random low-quality non relevant articles.
Obviously it [#comment-4569908] was posted: 9 July 2023. Long before this thread even existed… your database is falling over. Those comments are supposed to have unique ID values. It shouldn’t be possible to duplicate the post ID, if the database had referential integrity.
Don’t tell me!
Ghacks wants the state to step in for STATE-MANDATED associations to save jobs!!!
Bring in the dictatorship!!!
And screw Rreedom of Association – too radical for Ghacks maybe
GateKeeper ?
That’s called “appointing” businesses to do the state’s dirty work!!!!!
But the article says itself that those appointed were not happy – implying they had not choice!!!!!!
@The Dark Lady,
@KeZa,
@Database failure,
@Howard Pearce,
@Howard Allan Pearce,
Note: I replaced the quoted URI scheme: https:// with “>>” and posted.
The current ghacks.net is owned by “Softonic International S.A.” (sold by Martin in October 2019), and due to the fate of M&A, ghacks.net has changed in quality.
>> ghacks.net/2023/09/02/microsoft-is-removing-wordpad-from-windows/#comment-4573130
Many Authors of bloggers and advertisers certified by Softonic have joined the site, and the site is full of articles aimed at advertising and clickbait.
>> ghacks.net/2023/08/31/in-windows-11-the-line-between-legitimate-and-adware-becomes-increasingly-blurred/#comment-4573117
As it stands, except for articles by Martin Brinkmann, Mike Turcotte, and Ashwin, they are low quality, unhelpful, and even vicious. It is better not to read those articles.
How to display only articles by a specific author:
Added line to My filters in uBlock Origin: ghacks.net##.hentry,.home-posts,.home-category-post:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
>> ghacks.net/2023/09/01/windows-11-development-overview-of-the-august-2023-changes/#comment-4573033
By the way, if you use an RSS reader, you can track exactly where your comments are (I’m an iPad user, so I use “Feedly Classic”, but for Windows I prefer the desktop app “RSS Guard”).
RSS Guard: Feed reader which supports RSS/ATOM/JSON and many web-based feed services.
>> github.com/martinrotter/rssguard#readme
We all live in digital surveillance glass houses under scrutiny of evil people because of people like Musk. It’s only fair that he takes his turn.
“Operating systems will be required to let the user choose the browser, virtual assistant and search engine of their choice. Microsoft cannot force users to use Bing or Edge. Apple will have to open up its iOS operating system to allow third-party app stores, aka allow sideloading of apps. Google, on the other hand, will need to provide users with the ability to uninstall preloaded apps (bloatware) from Android devices. Online services will need to allow users to unsubscribe from their platform easily. Gatekeepers need to provide interoperability with third-parties that offer similar services.”
Wonderful ! Let’s hope they’ll comply with that law more than they are doing with the GDPR.
No, they didn’t lmao.
https://twitter.com/vxunderground/status/1706523877478670542