Two-factor authentication on Amazon adds a second security step when you sign in. Even if someone gets your password from a data breach, they cannot access your account — or your saved payment methods — without a code from your phone. It takes about 2 minutes to set up.

Why does Amazon 2FA matter?

Your Amazon account is more valuable to hackers than you might think. It stores your credit card numbers, your home address, your order history, and your linked services like Kindle, Audible, and Prime Video. An attacker with access to your Amazon account can:

  • Place orders using your saved payment methods and have them shipped to a different address
  • Access your personal information including your name, address, phone number, and email
  • View your entire purchase history which reveals a lot about your personal life
  • Take over linked services like Audible, Kindle, Twitch, and Ring devices

Credential stuffing attacks — where hackers try stolen passwords from other breaches on Amazon — happen constantly. If you use the same password on Amazon that you have used anywhere else, your account may already be at risk.

Check if your email has been exposed in a data breach. If it has, enabling 2FA on Amazon should be one of your first steps.

Microsoft’s security research shows that two-factor authentication blocks 99.9 percent of automated account attacks. For an account with your credit card on file, that extra layer of protection is essential.

How to enable 2FA on Amazon — step by step

You can set this up from either a computer or your phone browser. The steps are the same.

Step 1 — Go to your Amazon account

Open Amazon.com in your browser and sign in. Click Account & Lists in the top right corner, then click Account to go to your account settings page.

On the Amazon app, tap the profile icon, then tap Your Account.

Step 2 — Open Login & security

Click Login & security. Amazon may ask you to enter your password again or verify your identity before showing this page. This is normal — it is protecting your sensitive settings.

Step 3 — Find Two-Step Verification

Scroll down to Two-Step Verification (2SV) and click Edit. This opens the 2FA settings panel.

Step 4 — Click Get Started

Click the Get Started button. Amazon will walk you through the setup process step by step.

Step 5 — Choose your primary verification method

Amazon gives you two options for your primary verification method:

Authenticator app (recommended):

  1. Download Google Authenticator, Authy, or Microsoft Authenticator if you do not already have one
  2. Amazon will show a QR code on screen
  3. Open your authenticator app and scan the QR code
  4. Enter the 6-digit code from the app into Amazon to verify the connection

Phone number (SMS):

  1. Enter your phone number
  2. Amazon will send a text message with a verification code
  3. Enter the code to confirm

Choose Authenticator app for the strongest security. SMS works fine but is slightly less secure because text messages can be intercepted through SIM swapping.

Step 6 — Add a backup method

Amazon requires you to add a backup verification method. This is usually a phone number where you can receive text messages. This backup ensures you can still get into your account if your primary method is unavailable.

Enter a phone number and verify it with the code Amazon sends.

Step 7 — Complete the setup

Review your choices and click Got it. Turn on Two-Step Verification to finish. Your Amazon account is now protected with 2FA.

The next time you sign in from a new device or browser, Amazon will ask for your password and then a verification code from your authenticator app or phone.

How Amazon 2FA works day to day

Once 2FA is enabled, here is what to expect:

  • On trusted devices — Amazon remembers devices where you have already verified. On these devices, you sign in with just your password as usual. You will not be asked for a code every time.
  • On new devices — when you sign in from a new computer, phone, or browser, Amazon will ask for a code after your password. Enter the code from your authenticator app or wait for the SMS.
  • Trust this device option — during login, you can check a box that says “Don’t require codes on this device.” This marks the device as trusted so you will not be asked again.
  • Shopping and checkout — 2FA does not add any extra steps when you are already signed in and making purchases. It only applies at the login stage.

What about the Amazon app?

The Amazon shopping app on your phone works seamlessly with 2FA. After you enable two-step verification:

  1. Open the Amazon app
  2. Sign in with your email and password
  3. Enter the 2FA code when prompted
  4. Optionally, trust the device so you do not have to enter a code next time

Once your phone is trusted, the app works exactly as it did before. No extra steps for browsing or buying.

Protecting your Amazon account beyond 2FA

Two-factor authentication is the most important step, but here are a few more things you should do:

  • Use a unique password — your Amazon password should not be the same as any other account. If you reuse passwords, one breach puts every account at risk
  • Check your email for breaches — the email linked to your Amazon account may already be compromised. Run a free breach check to find out
  • Review your order history — look for any purchases you did not make. If you find unauthorized orders, contact Amazon support immediately
  • Remove old payment methods — if you have credit cards on file that you no longer use, remove them. Fewer stored payment methods means less exposure
  • Check your authorized apps and websites — go to Login & security and review any third-party apps that have access to your Amazon account. Remove any you do not recognize

What about Amazon business accounts and household accounts?

If you have an Amazon Business account, the 2FA process is the same. Go to Login & security and follow the steps above. Business accounts often have access to company payment methods, so protecting them with 2FA is even more critical.

For Amazon Household accounts (where you share Prime benefits with family members), each person has their own login. Every household member should enable 2FA on their own account independently. Your 2FA does not protect their account, and theirs does not protect yours.

Frequently asked questions

Does Amazon 2FA protect my saved credit cards and payment methods?

Yes. Two-factor authentication protects your entire Amazon account, including saved credit cards, shipping addresses, order history, and linked services like Audible, Kindle, and Prime Video. An attacker who steals your password still cannot access any of this without your verification code.

Can I use an authenticator app instead of SMS for Amazon 2FA?

Yes. Amazon supports authenticator apps like Google Authenticator, Authy, and Microsoft Authenticator. This is the more secure option because codes are generated on your device and cannot be intercepted through SIM swapping attacks. Amazon calls this the preferred method during setup.

What happens if I lose my phone and cannot get my Amazon 2FA code?

Amazon requires you to add a backup verification method during setup, which is usually a backup phone number. You can use this to receive a code if your primary phone is lost. If you cannot access either method, Amazon’s customer service can help verify your identity and restore access.

Do I need to enter a 2FA code every time I buy something on Amazon?

No. Amazon remembers devices you have previously verified. On trusted devices, you will not be asked for a code every time. You will only need your 2FA code when signing in from a new device, a new browser, or after clearing your cookies. You can also check a box to trust a device during login.