Sell on Amazon Sign In
This article applies to selling in: Germany

About Two-Step Verification

What is Two-Step Verification?

Two-Step Verification (2SV) is Amazon’s Multi-Factor Authentication (MFA) solution. It provides two authentication challenges, requiring both a static knowledge challenge (password) and a dynamic knowledge challenge (OTP), offering better protection than a static password alone.

2SV helps you protect your account against Account Take Over (ATO). Due to the practice of password reuse, when breeches happen externally, it puts Amazon customers at risk who re-use the same password with Amazon. Anyone who knows your password will be able to Sign-In to your account. 2SV protects against such occurrence.

How does Two-Step Verification work?

After enabling 2SV, when you sign-in to Seller Central, you will need to complete a password challenge and a One Time Password (OTP) challenge. The OTP will either be sent to an enrolled phone number via SMS or voice call, or generated by an authenticator app. Without knowing the password and knowing the OTP, it will not be possible to sign-in. For your protection, treat the OTP with as much protection as your normal password, until after it is used. If a bad actor knows your password, and knows your OTP before it is used, they will be able to sign-in to your Amazon account.

What are the device requirements for Two-Step Verification?

When you first activate 2SV, you will need to designate two different 2SV authenticators – one will be your primary method and the other will serve as a backup if you lose access to the primary device.

You can receive OTPs using the following options: An authenticator app, voice call via mobile or landline phone, or via SMS. Authenticator apps are recommended because they are easy to use, do not require access to a network, and are available for free through app stores on personal computers, and smart devices – including mobile phones and tablets. For more information, see Use an authenticator app for Two-Step Verification.

You cannot use an authenticator app as both your primary and backup method, so you will need to choose an SMS or voice enabled phone as either your primary or backup methods for receiving your OTP. The following table outlines both primary and backup options available to you:

If primary method for receiving OTP is Select one of the following as your backup method
SMS-enabled phone (for text messages)
  • Different voice-enabled phone*
  • Different SMS-enabled phone*
  • Authenticator app
Voice-enabled phone (landline)
  • Different voice-enabled phone*
  • Different SMS-enabled phone*
  • Authenticator app
Authenticator app
  • SMS-enabled phone
  • Voice-enabled phone
* You cannot use the same telephone number for both your primary and backup method for receiving OTPs.

Typically, you will only use your primary method for receiving OTPs; however, if you do not have access to your primary method or you are not receiving your OTPs, you can have your OTP sent to your backup method by clicking Didn’t receive the code?

If you lose or change the phone number of your primary method for receiving your OTP, you can always update it in Seller Central once you have successfully signed-in using your backup method. To make changes to your primary and secondary methods, you must have access to at least one of your devices. If you do not have access to either your primary or secondary methods, see Two-Step Verification Account Recovery.

What if I don’t have a second phone number or a cell phone for Two-Step Verification?

A mobile phone is not a requirement for 2SV. In addition to using an authenticator app you can always receive your OTP by voice call to a landline.

For more information on authenticator apps, see Use an authenticator app for Two-Step Verification.

How do I enable Two-Step Verification?

If you are an existing Seller Central user who has not enabled 2SV, you will be prompted to activate 2SV the next time you sign-in to Seller Central. Click Enable Two-Step Verification and follow the on-screen instructions.

You can also access the Advanced Security Settings page from the Retail site, which will take you through an identical experience.

  • 2SV is tied to your Amazon account. If you use the same account for both your Amazon buyer and seller activity, 2SV will be applied to both experiences.
  • If you haven’t already done so, Amazon recommends that you create individual accounts with different email addresses, via User Permissions, for everyone accessing your seller account. Not doing so could pose a security risk for you in the future and could cause loss of access to anyone else using that particular account. See the Help topic Set user permissions for more information.
  • If you already have individual seller accounts for each user accessing your seller account, each account will need to enable 2SV separately.

For a step-by-step guide on enabling 2SV, see How to enable Two-Step Verification.

Do I always need to be challenged with OTP when I sign-in to my account?

After you have successfully signed-in to your account through the 2SV process, you can simplify future sign-in on computers and devices that you routinely use.

The next time you enter your OTP on your computer or device, tell us not to ask for a OTP on that device in the future by clicking the check box next to Don’t ask for codes on this device.

Note: The “Don’t ask for codes” setting degrades the security of the account for that device as it suppresses the OTP challenge. This setting may also reset itself for a number of reasons beyond Amazon’s control. If so, Amazon will be unable to help you with most issues you might experience related to the OTP challenge. We can, however, tell you that the following actions may interfere with the 2SV OTP “Don’t ask for codes” feature:
  • Setting your browser to block the use of cookies.
  • Clearing your cache or deleting cookies (check your web browser settings).
  • Updates to your PC, device, or apps on your device, including your web browsers.
  • Accessing Seller Central from a web browser than the one you used to add your trusted device.
  • Using a browser toolbar that affects browser settings.
  • Using anonymous browser mode or programs that obscure identity, including the use of proxy and VPN servers.
  • If you have used the seller mobile app, logging out of it might reset the trusted device status on your mobile device.

Accessing Seller Central from different locations or networks (LAN, WAN, WLAN), or changes to your IP address. Having multiple users who use the same credentials may increase these occurrences, so make sure that each person accessing your account has their own credentials. See Set user permissions for more information.

Note: You can access your Advanced Security Settings at any time to identify the number of devices that suppress the OTP challenge during sign-in. Here, you can clear this setting for all devices by selecting Require codes on all devices. We do not have the ability to clear the setting on specific devices. However, once all devices have been cleared, you can re-select Don’t ask for codes on this device option upon your next sign-in with that device.

Sign in to use the tool and get personalized help (desktop browser required). Sign In


Was this article helpful?
Thank you for your feedback
What can we improve? (Optional)
1000
(Optional)
1000
Thanks again for your help!
Thank you for your feedback. If you have more questions, please Contact Us.

Reach hundreds of millions of customers

Start selling on Amazon


© 1999-2020, Amazon.com, Inc. or its affiliates