Two-Step Verification (2SV) is Amazon’s Multi-Factor Authentication (MFA) solution. It provides two authentication challenges, requiring both a static knowledge challenge (password) and a dynamic knowledge challenge (OTP), offering better protection than a static password alone.
2SV helps you protect your account against Account Take Over (ATO). Because passwords are often reused, an external breach puts at risk any Amazon customer who uses the same password with Amazon. Anyone who knows your password will be able to sign in to your account. 2SV protects against such an occurrence.
After enabling 2SV, when you sign in to Seller Central, you will need to complete a password challenge and a One Time Password (OTP) challenge. The OTP will either be sent to an enrolled phone number via SMS or voice call, or generated by an authenticator app. Without knowing both the password and the OTP, it will not be possible to sign in. For your protection, guard the OTP as carefully as your normal password until after it is used. If a bad actor knows your password and knows your OTP before it is used, they will be able to sign in to your Amazon account.
When you first activate 2SV, you will need to designate two different 2SV authenticators – one will be your primary method and the other will serve as a backup if you lose access to the primary device.
You can receive OTPs using the following options: an authenticator app, voice call via mobile or landline phone, or SMS. Authenticator apps are recommended because they are easy to use, do not require access to a network, and are available for free through app stores on personal computers and smart devices – including mobile phones and tablets. For more information, see Use an authenticator app for Two-Step Verification.
You cannot use an authenticator app as both your primary and backup method, so you will need to choose an SMS- or voice-enabled phone as either your primary or backup method for receiving your OTP. The following table outlines both primary and backup options available to you:
If primary method for receiving OTP is | Select one of the following as your backup method |
---|---|
SMS-enabled phone (for text messages) |
|
Voice-enabled phone (landline) |
|
Authenticator app |
|
Typically, you will only use your primary method for receiving OTPs; however, if you do not have access to your primary method or you are not receiving your OTPs, you can have your OTP sent to your backup method by clicking Didn’t receive the code?
If you lose or change the phone number of your primary method for receiving your OTP, you can always update it in Seller Central once you have successfully signed in using your backup method. To make changes to your primary and secondary methods, you must have access to at least one of your devices. If you do not have access to either your primary or secondary methods, see Two-Step Verification Account Recovery.
A mobile phone is not a requirement for 2SV. In addition to using an authenticator app, you can always receive your OTP by voice call to a landline.
For more information on authenticator apps, see Use an authenticator app for Two-Step Verification.
If you are an existing Seller Central user who has not enabled 2SV, you will be prompted to activate 2SV the next time you sign in to Seller Central. Click Enable Two-Step Verification and follow the on-screen instructions.
You can also access the Advanced Security Settings page from the Retail site, which will take you through an identical experience.
For a step-by-step guide on enabling 2SV, see How to enable Two-Step Verification.
After you have successfully signed in to your account through the 2SV process, you can simplify future sign-in on computers and devices that you routinely use.
The next time you enter your OTP on your computer or device, tell us not to ask for an OTP on that device in the future by clicking the check box next to Don’t ask for codes on this device.
Accessing Seller Central from different locations or networks (LAN, WAN, WLAN), or changes to your IP address. Having multiple users who use the same credentials may increase these occurrences, so make sure that each person accessing your account has their own credentials. See Set user permissions for more information.