Yandex two-factor authentication – additional account protection. Enable two-factor authentication

Yandex launched a two-factor authorization system and released the Yandex.Key application for logging into your account without having to remember and enter a complex password. The application is already available on Android and iOS, and logging into it on new iPhone models can be protected with a fingerprint scanner.

There are several ways to log into your account via Yandex.Key, but first you need to go to the settings page yandex.ru/promo/2fa and enable two-factor authentication.

Confirm your phone number with the code received via SMS.

Install the Yandex.Key application on your smartphone or tablet.

Launch the application and scan the QR code on the Yandex website. If your mobile device does not have a camera, click “Show secret key” and enter the displayed characters in the application.

Create a PIN code and enter it on the website or app.

Enter the one-time password generated by the application on the website. This password is only valid for 30 seconds, and then a new one appears. To complete the setup, you will need to enter your permanent account password again.

These steps only need to be completed once. After activating two-factor authentication, you will need to re-authorize in Yandex websites on all devices. You can create separate passwords to access applications.

Now a button with a QR code icon will appear on the Yandex account login page.

First, log into your main Yandex account, if you have one. If it doesn’t exist yet, you can always create it after simple registration.

Enable and configure two-factor authentication

So, in your Yandex account, click on the account and go to the section Passport. Then - in the section Access Control press Set up two-factor authentication.

A window of the same name opens, in which you need to go through the steps of enabling and configuring two-factor authentication.

In the first step, we indicate the phone number and confirm it by receiving a code via SMS over the phone.

The next step is to create a PIN code. It is required to access the Yandex.Key application, installed on your smartphone or tablet.

The PIN code can consist of 4 to 16 digits. Enter them in the field and click Create.

A window will open with a QR code and a proposal to add your account to the Yandex.Key application.

Installing the Yandex.Key application

We launch it and a yellow button appears at the bottom of the window that opens with a suggestion - Add an account to the application.

We press the button, a window will open on the smartphone screen in which you need to enter the previously invented PIN code.

Once the PIN code is entered, the camera will automatically turn on. We point the camera at the QR code in the monitor window and wait for authorization.

Another way to login

Otherwise, to organize two-factor authentication after entering the PIN code, you can choose the option of receiving a 30-second one-time password.

In the fourth step of setting up two-factor authentication, you need to link the Yandex.Key program to your Yandex account. To do this, enter the one-time password received on your smartphone.

If it turns out that it is impossible to enter it in time, then you need to wait for the next time the numbers appear on the smartphone and enter it.

After entering, press the button Turn on and that’s all, the Yandex.Key program is activated and from now on two-factor authentication should work.

Now on all devices - computer, smartphone - you need to log out and log into your account again with the existing one-time password, or with a QR code, using the Yandex.Key application on your mobile phone.

In Yandex.Mail we receive a letter notifying that two-factor authentication is working.

In the received letter you can also find recommendations for setting up new access and using two-factor authentication.

Yandex two-factor authentication for other services

For Yandex.Mail, Ya.Disk and other Yandex services, it is possible to create different passwords. This will significantly increase the level of security of personal data and the account as a whole. You can read about their safe storage.

To do this, go again to the section Passport - Access Control. We select the program, in this case - Disk access.

For convenience, we call this connection, for example, My disk and press Create a password.

So, the password has been created, and it will only be displayed once. Therefore, if it is not saved, then it is better to delete it in the future and create it again.

Now you can connect to a Yandex network drive. Through any file manager we gain access to Yandex.Disk using this password.

Thus, Yandex.Disk and the main Yandex account will be protected with separate passwords using the two-factor authentication function.

Disable two-factor authentication

If in the future you want to stop using two-factor authentication, then just go to the section Access Control and go through the shutdown procedure.

That is, we press the switch Off enter the one-time password issued by Yandex.Key, click Confirm.

Thus, two-factor authentication of the Yandex account is disabled. You must keep in mind that in this case, passwords for Yandex.Disk and other services, if they are created, are also reset.

Many users whose activities are related to making money on the Internet or storing important information online try to protect their accounts from hacking and theft of confidential data.

Of course, a complex password, including numbers and letters, as well as special characters, is quite reliable protection, but two-factor authentication provides the maximum effect.

However, not every person knows about this option for protecting their accounts, and this despite the fact that today more and more services (mail providers, social networks, etc.) offer to take advantage of this opportunity.

What is two-factor authentication?

So, what type of protection are we talking about? In fact, you've already seen two-step verification. For example, when you are going to perform any operation with money on the WebMoney website, then, in addition to your login and password, you will need to indicate a confirmation code that will be sent to your mobile phone.

In other words, two-factor authentication is the second key to your account. If you activate this option, for example, in Evernote (there is such an option), then an attacker who managed to guess the password for this notes service will face another problem - the requirement to specify a one-time code that is sent to your phone number. It is worth noting that if an attempt is made to hack your account, you will receive an SMS and you will be able to instantly change your password.

Agree that this is a very convenient option, using which you will worry less about the loss of personal information.

Where is the best place to use it?

Of course, some users may object, arguing that two-step authentication is too much “unnecessary steps”, and in general, it is intended for paranoid people who always think that someone is watching them.

Perhaps they are right in some ways. For example, for social networks it is not at all necessary to use this method of protection. Although here one can argue. As a rule, attackers try to hack the accounts of administrators of popular “publics.” And you, most likely, would also not want to one day notice that your account in one of the “social networks” was hacked and completely indecent photos were posted on the “Wall”.

As for other services, for example, Yandex two-factor authentication will allow you to safely store your registration data from WebMoney and others) or letters containing secret information.

Google Account Protection

One of the most popular services today is Google. This is where you can register an email account, store documents on Google Drive, create a blog or channel on YouTube for free, which can later bring you profit.

In order for users to be confident in the safety of documents stored on mail or disk, they are offered two-factor authentication by Google. To activate it, you must log into your account.

Now, having opened, for example, your mailbox, pay attention to the avatar in the upper right corner. Click on it and go to “My Account”. Here you need the “Security and Login” section, namely the “Sign in to Google Account” link.

On the right you will see the “Two-Step Verification” option, where you need to click the arrow to activate it. A window will open in which you are interested in the “Proceed with setup” button. Enter your password and follow further instructions.

Two-factor authentication "Yandex"

Yandex also offers its users quite a lot of useful services. In addition to cloud storage of information on Yandex.Disk, you can get yourself an electronic wallet where you will withdraw the money you earn on the Internet.

And, of course, Yandex did not stand aside and also offers its users to use two-factor authentication to protect documents stored in the mailbox.

To enable it, you will need to follow a few simple steps. Log in to your account and click LMB on your profile photo (top right corner). Select "Passport" from the drop-down menu. A window will open in which you need to click on the “Access Control” link. Set the “slider” to the “ON” position. You will be redirected to a page where you need to click on the “Start setup” button. Now go through the 4 steps to activate two-factor protection.

Social network VKontakte"

As mentioned above, attackers usually try to gain access to the accounts of “admins” of popular groups. But this is not always the case, because simply the personal correspondence of some person well-known on the Internet may be of interest.

It is worth noting that for some users, this method of protecting an account begins to cause irritation over time, since it requires constant entry of a secret code, in addition to the login and password. In such cases, you need to know how to disable two-factor authentication. However, first we will deal with activating this option.

In fact, enabling two-step verification is very simple. Select "My Settings" and then go to the "Security" tab. In the “Login Confirmation” section, click on the “Connect” button. Now follow all the requirements one by one.

Disable two-factor authentication

In order to deactivate two-step protection in Yandex, you will need to go back to your “Passport” by clicking on your avatar. After that, open the “Access Control” section and set the slider to the “Off” position.

Conclusion

Now you know what two-loop authentication is and why it is needed. When using a particular service, you can activate this additional protection or refuse this feature.

Of course, in some cases it is highly recommended to enable two-step verification. For example, when registering on WebMoney, you indicated your email from Yandex. While working on the Internet, you can become a victim of hackers who will hack your mailbox and gain access to your electronic wallet. To prevent this from happening, it is better to install and link your e-mail to your phone. This way you can react quickly if they try to hack you.

We continue our review of authenticators for Android. Let me remind you that in the last article we studied not only famous applications for two-factor authentication - Google Authenticator and Azure Authenticator, but also a universal solution from a specialized developer - Authy 2-Factor Authentication. This is what became optimal.

Now we will talk about the domestic authenticator - “Yandex.Key”, designed to replace Google Authenticator. The application looks interesting, offers two types of authorization and its own protection. However, we will not give him positive marks in advance and will check everything thoroughly.

The second participant will be FreeOTP Authenticator, an open source program that in turn can become a standard for similar solutions. But these are just first guesses, so let’s not beat around the bush and get started.

The test equipment used was a DEXP Ursus 8EV2 3G tablet (Android 4.4.2, MT8382 processor, 4 x Cortex-A7 1.3 GHz, Mali-400 MP2 video core, 1 GB of RAM, 4,000 mAh battery, 3G module, Wi-Fi 802.11 b/g/n) and smartphone Homtom HT3 Pro (Android 5.1 Lollipop, MT6735P processor, 4 x Cortex-A53 1.0 GHz, 64-bit, Mali-T720 video core, 2 GB RAM, 3,000 mAh battery, 4G module, Wi -Fi 802.11b/g/n)

"Yandex.Key"

Acquaintance

“This is an authenticator that creates one-time passwords (OTP) for logging into Yandex, Facebook, Google, GitHub, Dropbox, VKontakte and other services that support two-factor authentication (2FA). On Yandex, you will enter the password created by “Key” instead of the regular password, and on other services, along with the regular one.”

The description on Google Play speaks for itself and there is nothing much to add, except the fact that some users prefer this application

Two-factor authentication provides an increased level of security compared to a traditional password. Even a complex and effective password can be vulnerable to viruses, keyloggers and phishing attacks.

You can enable two-factor authentication on the Yandex account management page. To set up Yandex.Key access, you will need an Android or iOS mobile device.

After enabling two-factor authentication:

• Instead of using a standard password to access Yandex services and applications, you will need to enter a one-time password (for example, to log into your account or change your phone number). When using a QR code, you do not have to enter your login or passwords to log into your Yandex account.
• For third-party mobile applications, computer programs, and email clients, you will need to use separate application passwords.
• The recovery page for your Yandex account will be changed.

To enable two-factor authentication, click on the “Set up two-factor authentication” link on the “Personal Information” page in the “Access Management” section and follow several steps:

If your phone number is already linked to your account, confirm or change it. If the phone number is not specified, you need to add it, otherwise you will not be able to restore access to your account.

To link a new number or verify a phone number, request a code and then enter it in the appropriate field. Then click the “Confirm” button and go to the next step.

2. Create a PIN.

Create a 4-digit PIN and enter it for two-factor authentication.

Important: You must not share your PIN with others. The PIN cannot be changed. If you forget your PIN code, the Yandex.Key application will not be able to generate a one-time password; you can only restore access to your account with the help of a technical support specialist.

After entering the PIN code, click the “Create” button.

The Yandex.Key application is required to generate one-time passwords for your account. You can send a link to install the app directly on the two-factor authentication setup screen, or you can download the app from the App Store or Google Play.

Note: for Yandex.Key to work, you may need access to the device's camera to recognize barcodes (QR codes).

In the Yandex.Key application, click the “Add account to the application” button. Then the device camera will launch. Scan the barcode that appears in your browser.

If the QR code cannot be recognized, click the “Show secret key” button and click “Add a key manually” in the application. Instead of a QR code, the browser will display a sequence of characters that must be entered into the application.

After recognizing the account, the device will ask you to enter the PIN code created in the previous step.

To verify that the setup was successful, enter the one-time password generated in the previous step. Two-factor authentication will only be enabled if you enter the correct password.

Simply enter the PIN code created in step 2 into the Yandex.Key application. The application will generate a one-time password. Enter it next to the “Enable” button, and then click the button.

Note: You need to enter the OTP before it changes on the screen. Sometimes it's better to wait until a new password is created and enter it.

If you entered the correct password, two-factor authentication will be enabled for your Yandex.Passport account.

How to disable two-factor authentication in Yandex

1. Go to the “Access Management” tab in your Yandex.Passport account.
2. Move the switch to the “Off” position.
3. A page will open on which you need to enter a one-time password from the Yandex.Key application.
4. If the password is entered correctly, the user will be prompted to set a new primary password for the account.

Note: Once you disable two-factor authentication, your old app passwords will no longer work. You will need to create new application passwords to restore functionality of related services and applications, such as email clients.

The user can configure access of third-party applications to the Yandex account using application passwords. Please note that each individual application password grants access to a specific service. For example, a password created for an email client will not allow access to the Yandex.Disk cloud storage.

You can create application passwords on the “Access Management” tab in the Yandex.Passport account control panel. Slide the “App Passwords” switch to the “On” position. If two-factor authentication is enabled, application passwords will be enforced and cannot be disabled.

You will need to create a separate application password for each third-party program that asks for a Yandex password, including:

• Mail clients (Mozilla Thunderbird, Microsoft Outlook, The Bat!, etc.)
• WebDAV clients for Yandex.Disk
• CalDAV clients for Yandex.Calendar
• Jabber clients
• Applications for importing from other email services

To create an application password:

1. Go to the “Access Management” tab in the Yandex.Passport account control panel.
2. Enable the “App Passwords” option if it is disabled (the toggle will not appear if you have not enabled two-factor authentication).
3. Click "Get app password"
4. Select the Yandex service that you want to access in the application and the operating system.
5. Enter the name of the application for which you are creating a password and click "Add".
6. The password will be shown on the next tab. Click "Done".

Note: you can view the generated password only once. If you entered the password incorrectly and have already closed the window, delete the current password and create a new one.