Shopify lets you set up two-step authentication. This means that in addition to your regular password (known as the first step), a code will be required (the second step) to approve login requests on your account.
Without this code, you won't be able to log in to your account. It's perfect to stop anyone from logging into your account without permission. Two-factor authentication codes are time-based and randomly generated, which makes the option even more secure than passwords.
In this article, you'll learn how to enable two-step authentication in Shopify using an authenticator, security key, or SMS plus additional ways to protect your account. Let's dive in.
How to Set Up Two-Step Authentication in Shopify
Had over to Shopify and sign in to your account, then click Manage account in the top-right corner.
Click Security on the left side menu of the new page that opens up. Scroll down to Two-step authentication and click Turn on two-step.
You'll be presented with three options to choose from.
Select how you want your two-step authentication set up. You can set up 2SA via an authenticator app, security key, or SMS. We go over all three methods below.
How to Set Up Two-Step Authentication With an Authentication App
Shopify actually recommends this option, as it's the most secure.
If you choose to use an authenticator app, select Authenticator app and click Next. Open your authenticator app on your phone, tap Add Account, tap Scan QR Code, and point your camera at the QR code. Tap Save. If you can't scan the code, tap Enter Code Manually and enter the 32-character key displayed in Shopify.
Next, return to your desktop and enter your Shopify password in the space provided, followed by a 6-digit code generated by the app. Click Enable when done. You will receive email confirmations in your primary and secondary email addresses.
You should now see ten recovery codes displayed on the Download recovery codes page. Click the appropriate button to print, copy, or download the recovery codes.
You can use them to gain access to your account if you lose access to your authenticator app. Keep them in a safe place. Close the dialog box when you're done.
How to Set Up Two-Step Authentication With a Security Key
Bear in mind that security keys, like your phone's fingerprint reader, only work with one device. To sign in on another device, you'll need to add another security key or select a different two-step authentication method altogether.
If you prefer to use a security key anyway, select Security key and click Next.
Enter a name for your security key, followed by your Shopify password. Click Add device when done.
Your browser will prompt you to set up your security key. Click Ok to continue. Next, insert your security key into your computer's USB port to continue setup.
Upon activating your security key, you will find ten recovery codes that you can print, copy, or download. If you lose access to your security key, you may only regain access via recovery codes. Each code can only be used once.
How to Set Up Two-Step Authentication With SMS Delivery
To use SMS as your preferred method, select SMS delivery and click Next.
Select your country code, enter your mobile phone number, and click Send authentication code when done. Shopify will send a code to this number each time you log in to your account.
Enter the 6-digit authentication code sent to your phone followed by your Shopify password, and click Enable.
Once enabled, it'll provide you with ten recovery codes, as with other two-step authentication methods. You can print, copy, or download them to a safe location. Close the box when done.
How to Remove Two-Step Authentication in Shopify
If you decide you no longer need the security and want to turn off two-step authentication for your Shopify account, here's what to do.
Sign in to your Shopify account and click on your profile. Click Manage account. On the left side menu, click Security. Scroll down to the Two-step authentication pane and click Remove, next to your phone number.
Now, enter your password and click Remove. Two-step authentication will now be switched off. All future logins will only require your password.
Securing Your Shopify Account
By implementing security measures, you're securing your Shopify account and making it more difficult for bad actors and cybercriminals to attack you.
Bear in mind that of all the three 2SA methods highlighted above, using a security key is by far the more secure option.
ncG1vNJzZmivp6x7rq3KnqysnZ%2Bbe6S7zGiqnqxdqr1uwNaoZKyslaV6osHToZynrJmYrrW1zqdkrKCfpbanxY4%3D