Skip navigation

How to Add Two-Factor Authentication to Your Amazon Account With Duo Mobile

The convenience of online shopping is now even more secure, with the addition of two-factor authentication for Amazon customer accounts. Read on to see how to quickly enable the security tool with Duo’s free authenticator app, Duo Mobile, in a few easy steps.

More consumers are shopping online than ever - the National Retail Federation reports that consumers spent $4.45 billion on Thanksgiving and the day after. And of those sales, Amazon alone accounted for 35.7% of revenue on Black Friday, and again, dominated at 36% of all online sales on Cyber Monday, of which total online sales across all retailers surpassed $3 billion.

Amazon Cyber Monday Profit Data from Slice Intelligence

But market analysts aren’t the only ones taking note of this upward trend - online attacks targeting online retailers have jumped 25 percent from the previous quarter, according to ThreatMetrix and reported by Tech Week Europe.

It can be as easy as stealing your password via phishing or brute force attacks. And if your online accounts are only protected by a password, you’re at high risk of getting your credit card number and other personal information stolen, especially during the season in which consumer spending is supposed to rise.

Mobile-Based Two-Factor Authentication for Amazon

Duo Mobile Two-Factor Authentication App So how can you, as a consumer, protect yourself online in a matter of minutes - with little effort and zero dollars? Enable two-factor authentication on your Amazon account quickly by downloading a free app and scanning a QR code.

The free Duo Mobile app lets you use TOTP, time-based one-time passwords to verify your identity. That means after you log in with your username and password, you can generate a unique passcode to your mobile app and type it in to gain secure access. The passcode expires after a limited amount of time, meaning no one else can use it after.

Here’s how you can do it by signing up for a free Duo two-factor authentication account (for up to 10 users per account):

  1. First, log into your Amazon account with your username and credentials.
  2. Click on Your Account > Change Account Settings > Advanced Account Settings > Get Started
  3. You’ll be prompted to log in again, then choose to receive codes via Authenticator App
  4. Open your Duo Mobile two-factor app, then click the + button in the upper right corner
  5. Scan the QR code on the screen with your phone

Add Account on Duo Mobile

Then, you should enter your phone number as a second backup method, which will send a code to whatever number you submit (ideal if, for some reason, your app doesn’t work)

Download Duo Mobile for free for iPhone, Android, Windows and BlackBerry.

Now, after you log into Amazon with your username and password, you’ll be prompted to enter a passcode into this screen:

Amazon 2FA

Generate the passcode by opening your Duo Mobile app, tapping the key icon button next to your Amazon account, and typing in the randomly generated code.

A few caveats:

  • This feature is currently only available to U.S. customers
  • Apparently this option is not available on the mobile version of Amazon, so use an old-fashioned computer to enable this security setting
  • You have to manually enable the setting that requires codes on all devices (smartphones, tablets, laptops) that you use to log into your Amazon account (click the option under the heading, Devices that don’t require codes)
  • Or, skip codes on your personal devices, and only require codes from any other device

Amazon Require Codes for 2FA

Adding this essential security precaution may have been prompted by some kind of security event. At the end of November, news broke that Amazon had reset an unknown number of account passwords after they may have been compromised.

In a notification email, Amazon said it “recently discovered that your password may have been improperly stored on your device or transmitted to Amazon in a way that could potentially expose it to a third party.”

Companies that use Amazon’s Web Services (AWS) for hosting and whatnot can also easily add two-factor authentication with Duo’s two-factor authentication service, paid for more than ten users. Check out everywhere you can use Duo's app with other third-party websites.

Other Two-Factor Authentication Additions

It’s not only Amazon that is adding two-factor authentication after security scares. Many other companies are adding the basic security feature for their users’ online accounts, including Patreon, a crowdfunding platform for artists, after they delivered emails notifying users that they detected unauthorized access to their database containing user information. Check out how to enable 2FA with Patreon (same process as above - download app, scan QR code).

Twitch, an online gaming community, recently added 2FA for their users’ accounts, and Capital One 360, the bank, reports that two-factor authentication is on their radar for upcoming release. The trend is sure to continue as consumers are demanding better, if not just the most basic, security features to protect their personal and financial information.