What is Two-Step Authentication in Shopify and How Does It Work?
Two-step authentication (also known as two-factor authentication or multifactor authentication) is an enhanced security measure for your Shopify account. It requires two separate steps to log in, ensuring that even if someone else knows your password, they can't access your account without the second step. This second step involves either a one-time use code sent to a mobile device (via SMS or an authenticator app) or a security key.
Here's how you can enable two-step authentication in Shopify using SMS and an authenticator app:
Enabling Two-Step Authentication Using SMS Text Messages
- From your Shopify admin, click your username and account picture.
2. Click Manage account > Security.
3. In the Two-step authentication section, click Turn on two-step.
4. Enter your password, and then click Next.
5. From the Authentication method list, select SMS delivery.
6. Select a country code, and then enter your phone number.
7. Click Send authentication code.
8. Check your mobile phone for an SMS text message.
9. Retrieve the six-digit code from the text message, and then enter it under CHECK YOUR PHONE.
10. Click Turn on.
11. Save your recovery codes in case you lose access to your mobile device. Make sure that you store them in a safe location offline that you can access in multiple ways, such as from your mobile device, your desktop computer, and from a printed document.
It's advised to save your recovery codes in a safe, accessible location.
Enabling Two-Step Authentication Using an Authenticator App
Before you begin
Install an authenticator app on your mobile device (e.g., Google Authenticator, Duo Mobile, Amazon AWS MFA, Authenticator by Windows/Andorid/iPhone, and Authenticator by Microsoft).
Log into your Shopify admin and click your username and account picture.
Go to Manage account > Security.
In the Two-step authentication section, click Turn on two-step.
Enter your password and click Next.
Select the Authenticator app from the Authentication method list.
Activate an authenticator app in Shopify
- From your Shopify admin, click your username and account picture.
-
Click Manage account > Security.
-
In the Two-step authentication section, click Turn on two-step.
-
Enter your password, and then click Next.
-
From the Authentication method list, select Authenticator app.
7. Using your authenticator app, scan the QR code.
8. Enter the six-digit code that is generated by your authenticator app, and then click Turn on.
Save your recovery codes in case you lose access to your mobile device. Make sure that you store them in a safe location offline that you can access in multiple ways, such as from your mobile device, your desktop computer, and from a printed document.
Enabling two-step authentication significantly enhances the security of your Shopify account. It's especially important for store owners using Shopify Payments, as two-step authentication is required to prevent security breaches that could lead to financial losses.
For detailed guidance and additional options for two-step authentication in Shopify, you can visit the Shopify Help Center's pages on Two-step authentication, SMS text messages, and the Authenticator app.