Locking down your Amazon account is a simple task, and one you absolutely should take the time to do. Your account is a treasure trove of personal information, from credit or debit cards to your address and those of friends and loved ones — all information that any hacker would love to access.
Take a few minutes to audit your personal details, use a more secure password and enable an extra layer of protection for your account.
Double-check your personal info
First, make sure that the information linked to your Amazon account is current. Visit this page and sign in to your account. Next, click on Login & security and verify that your email address and phone number are accurate.
If someone were to try to access your account and change your security settings, Amazon will send you an email to confirm you’re the one who’s making the change(s). Likewise, having a phone number linked to your account will act as a backup method to receive one-time passcodes (more on this below).
Use a secure password
After updating your information, it’s time to pick a strong password. If you already use a password manager that creates, remembers and even enters your passwords for you — fantastic job. That’s exactly what everyone should be doing, especially with the number of breaches, leaks and security issues occurring on a regular basis.
One thing you shouldn’t do is reuse a password across multiple accounts. That will leave all of your online accounts vulnerable, should one of those accounts suffer some sort of breach.
We have a roundup of reliable, trustworthy password managers that you can use. Some are free, others are paid, but either way, it’s time to up your password game.
Once you’ve decided on a password manager, change your Amazon password in the Login & security section by clicking on Edit next to the password field. Enter your current password, then copy and paste your new, random password from your password manager and click Save changes.
Turn on 2-step verification
Another benefit of using a password manager is that they also store the one-time passwords (OTP) that are required to use two-step verification (2SV). You can add an additional layer of security to your Amazon account by turning on 2SV, which then requires you to enter your password followed by a temporary code that’s either texted to your phone or displayed in an app. Without your password and that code, nobody — not even you — can get into your account.
Turn on two-step verification by visiting the Login & security section of your Amazon account, and clicking on the Edit button next to the 2SV settings and then click Get started.
You’ll be given two different options to receive your OTP codes: Phone number or Authenticator app. Using your phone number means you’ll receive a text message containing your code whenever you log into your Amazon account. Alternatively, an Authenticator app lets you access your code within your password manager or a dedicated authenticator app, such as Google Authenticator.
I recommend using an app. It’s more secure than receiving 2SV codes via text, especially with the rise of SIM swap fraud, which allows people to take over your phone number with little effort.
To use one, click on Authenticator app, then use your preferred app to scan the QR code. The app will begin showing you a six-digit code, enter it on the site and click Verify OTP and continue. On the next page, click the button labeled Got it. Turn on Two-Step Verification. That page walks you through the process for signing into devices, like a Kindle, that can’t display the OTP prompt. Instead, you’ll need to enter your password followed by the OTP code in order to sign in.
After you’re done securing your Amazon account, take the time to do the same for your Google, Apple or Facebook account.