How To Enable Two-Factor Authentication On Amazon

HardOCP News · Nov 18, 2015

The Verge put together a handy "how-to" guide to enabling two-factor authentication on your Amazon account.

Most of the tech world's biggest players offer two-factor logins, and it seems that Amazon's shopping service — a long-standing holdout — has finally joined in. Although there doesn't seem to have been an official announcement, users with Amazon.com accounts can now turn on two-factor authentication in their account settings.

Zarathustra[H] · Nov 18, 2015

I know it makes things more secure, but quite honestly I find two-factor authentication a major pain.

Every time I have to log into my email and look up steams stupid code to enter it in order to log in to my account I curse under my breath.

I use pretty strong passwords. I am happy with that.

Of course, someone could guess their way through the password reset questions, but then they'd need access to my email as well, which is also protected with a strong password.

lcpiper · Nov 18, 2015

I am not entirely sure that this actually qualifies as two-factor authentication. It's basicly two passwords, one you created yourself and another that is temporary and session based. I'm not saying it isn't more secure, just that I am not sure this qualifies as true two-factor authentication.

Normally two-factor authentication would be something like a password and a smart-card, or as they sometimes say, something you know, and something you have. Another factor would be "something you are" like a fingerprint or iris scan.

Perhaps this could be considered a twist on the "something you have", which is your phone that you recieved your code with.

lcpiper · Nov 18, 2015

Security is great, but the level of security you are willing to put up with should be relative to your risk or the value of what the security is protecting.

NickJames · Nov 18, 2015

lcpiper said:
I am not entirely sure that this actually qualifies as two-factor authentication. It's basicly two passwords, one you created yourself and another that is temporary and session based. I'm not saying it isn't more secure, just that I am not sure this qualifies as true two-factor authentication.

Normally two-factor authentication would be something like a password and a smart-card, or as they sometimes say, something you know, and something you have. Another factor would be "something you are" like a fingerprint or iris scan.

Perhaps this could be considered a twist on the "something you have", which is your phone that you recieved your code with.

The advantage is that just getting someones password is not enough. Two-Step meaning even though they have your password they would need access to either the algorithim used to generate the keys or your physical device/email to get the second key to access.

Much safer than just using a password alone.

twonunpackmule · Nov 18, 2015

Anything that has my credit or bank info, I don't mind the extra security. I just would like my fingerprint to be considered more than enough.

lcpiper · Nov 18, 2015

NickJames said:
The advantage is that just getting someones password is not enough. Two-Step meaning even though they have your password they would need access to either the algorithim used to generate the keys or your physical device/email to get the second key to access.

Much safer than just using a password alone.

Yea, your rebutting nothing dude.

I said;

I'm not saying it isn't more secure,....

See, this statement of mine would also translate to "This is more secure" which would also mean

By NickJames;
Much safer than just using a password alone.

lcpiper · Nov 18, 2015

NickJames, what I was pointing out is that this might not qualify as Two-Factor Authentication. Now the news article is titled

How to enable two-factor authentication on Amazon.com accounts

.

But the example below shows that Amazon themselves called it "Two-Step Verification"

Screen_Shot_2015-11-18_at_9.24.56_AM.0.png

Maybe it's marketing, maybe it's because they recognize that calling it Two-Factor Authentication would be a false claim. I can't say. I was just saying that I am not sure that this is actually representative of true Two-Factor Authentication, no matter what the writer claims.

I got a thing with the media and their inaccurate BS if you weren't aware.

Retronym · Nov 18, 2015

It would only be true 2FA if the original session was on a desktop. Logging in from the phone would change that definition.

Quartz-1 · Nov 18, 2015

TFA does not appear to be available for UK users.

timberwolf · Nov 19, 2015

twonunpackmule said:
Anything that has my credit or bank info, I don't mind the extra security. I just would like my fingerprint to be considered more than enough.

And what do you do when your fingerprint/iris/retina is compromised? Get a new one?

How To Enable Two-Factor Authentication On Amazon

HardOCP News

[H] News

Zarathustra[H]

Extremely [H]

lcpiper

[H]F Junkie

lcpiper

[H]F Junkie

NickJames

Supreme [H]ardness

twonunpackmule

[H]ard|Gawd

lcpiper

[H]F Junkie

lcpiper

[H]F Junkie

Retronym

[H]F Junkie

Quartz-1

Supreme [H]ardness

timberwolf

Limp Gawd