Yandex key access recovery. Login with two-factor authentication. The Yandex.Key service has been launched - two-factor authentication from Yandex
The Yandex.Key service has been launched - two-factor authentication from Yandex
Personal data protection is one of the most important issues on the Internet. Losing access to your account, be it mail or a social network, is akin to a disaster - like coming home and discovering that the key does not fit the lock. It is no coincidence that there are many tips on the Internet on how to protect your account from hacking, and perhaps the most popular of them is to use complex passwords and change them regularly. This is, of course, not bad, but constantly remembering new complex passwords can be quite tedious.
Especially for those who are concerned about the security of their account, Yandex has launched a beta version of two-factor authentication. With it, the key to your account will only be in your hands. More precisely, in your smartphone.
When logging in to Yandex - or any other site - you enter your username and password. The system checks whether the password matches the login and lets you in if everything is in order. But the password is only one verification factor. There are systems for which one factor is not enough. In addition to a password, they require, for example, a special code sent by SMS, or a USB key that must be inserted into the computer. These systems use two-factor or multi-factor authentication.
For our two-factor authentication scheme, we created Yandex.Key - a mobile application for iOS and Android. It is enough to consider the QR code on the Yandex main page, in the Passport or in the Mail authorization field as an application - and you will find yourself in your account.
To use the Key, you need to enable two-factor authentication, install the application and link it to your account. Then you set a four-digit PIN code in the application. This code will become one of the factors, part of the “secret”, based on which the algorithm will create one-time passwords. The second factor is stored in the smartphone. When you subsequently read the QR code in the authorization form, the application will send your login and one-time password to the Yandex servers. The server will check them and give the page a command to let you in or not.
When you can’t read the QR code, for example, your smartphone camera doesn’t work or you don’t have access to the Internet, you can enter a one-time password manually. Entering a password in this case replaces reading a QR code - the only difference is that the password is not sent to the servers automatically; instead, you enter it in the authorization form along with your login. A one-time password is valid for only 30 seconds. This is done so that it cannot be stolen from your computer (for example, using a program that remembers passwords entered into the browser).
No one but you will be able to use the Key to log into your account, because when generating passwords, the Key uses the PIN code that you came up with. Without the correct PIN code, the application will create incorrect passwords that will not work for your account. If you have an Apple smartphone or tablet with Touch ID, you can use a fingerprint instead of a PIN code.
Many users whose activities are related to making money on the Internet or storing important information online try to protect their accounts from hacking and theft of confidential data.
Of course, a complex password, including numbers and letters, as well as special characters, is quite reliable protection, but two-factor authentication provides the maximum effect.
However, not every person knows about this option for protecting their accounts, and this despite the fact that today more and more services (mail providers, social networks, etc.) offer to take advantage of this opportunity.
What is two-factor authentication?
So, what type of protection are we talking about? In fact, you've already seen two-step verification. For example, when you are going to perform any operation with money on the WebMoney website, then, in addition to your login and password, you will need to indicate a confirmation code that will be sent to your mobile phone.
In other words, two-factor authentication is the second key to your account. If you activate this option, for example, in Evernote (there is such an option), then an attacker who managed to guess the password for this notes service will face another problem - the requirement to specify a one-time code that is sent to your phone number. It is worth noting that if an attempt is made to hack your account, you will receive an SMS and you will be able to instantly change your password.
Agree that this is a very convenient option, using which you will worry less about the loss of personal information.
Where is the best place to use it?
Of course, some users may object, arguing that two-factor authentication is too much “unnecessary steps”, and in general, it is intended for paranoid people who always think that someone is watching them.
Perhaps they are right in some ways. For example, for social networks it is not at all necessary to use this method of protection. Although here one can argue. As a rule, attackers try to hack the accounts of administrators of popular “publics.” And you, most likely, would also not want to one day notice that your account in one of the “social networks” was hacked and completely indecent photos were posted on the “Wall”.
As for other services, for example, Yandex two-factor authentication will allow you to safely store your registration data from WebMoney and others) or letters containing secret information.
Google Account Protection
One of the most popular services today is Google. This is where you can register an email account, store documents on Google Drive, create a blog or channel on YouTube for free, which can later bring you profit.
In order for users to be confident in the safety of documents stored on mail or disk, they are offered two-factor authentication by Google. To activate it, you must log into your account.
Now, having opened, for example, your mailbox, pay attention to the avatar in the upper right corner. Click on it and go to “My Account”. Here you need the “Security and Login” section, namely the “Sign in to Google Account” link.
On the right you will see the “Two-Step Verification” option, where you need to click the arrow to activate it. A window will open in which you are interested in the “Proceed with setup” button. Enter your password and follow further instructions.
Two-factor authentication "Yandex"
Yandex also offers its users quite a lot of useful services. In addition to cloud storage of information on Yandex.Disk, you can get yourself an electronic wallet where you will withdraw the money you earn on the Internet.
And, of course, Yandex did not stand aside and also offers its users to use two-factor authentication to protect documents stored in the mailbox.
To enable it, you will need to follow a few simple steps. Log in to your account and click LMB on your profile photo (top right corner). Select "Passport" from the drop-down menu. A window will open in which you need to click on the “Access Control” link. Set the “slider” to the “ON” position. You will be redirected to a page where you need to click on the “Start setup” button. Now go through the 4 steps to activate two-factor protection.
Social network VKontakte"
As mentioned above, attackers usually try to gain access to the accounts of “admins” of popular groups. But this is not always the case, because simply the personal correspondence of some person well-known on the Internet may be of interest.
It is worth noting that for some users, this method of protecting an account begins to cause irritation over time, since it requires constant entry of a secret code, in addition to the login and password. In such cases, you need to know how to disable two-factor authentication. However, first we will deal with activating this option.
In fact, enabling two-step verification is very simple. Select "My Settings" and then go to the "Security" tab. In the “Login Confirmation” section, click on the “Connect” button. Now follow all the requirements one by one.
Disable two-factor authentication
In order to deactivate two-step protection in Yandex, you will need to go back to your “Passport” by clicking on your avatar. After that, open the “Access Control” section and set the slider to the “Off” position.
Conclusion
Now you know what two-loop authentication is and why it is needed. When using a particular service, you can activate this additional protection or refuse this feature.
Of course, in some cases it is highly recommended to enable two-step verification. For example, when registering on WebMoney, you indicated your email from Yandex. While working on the Internet, you can become a victim of hackers who will hack your mailbox and gain access to your electronic wallet. To prevent this from happening, it is better to install and link your e-mail to your phone. This way you can react quickly if they try to hack you.
First, log into your main Yandex account, if you have one. If it doesn’t exist yet, you can always create it after simple registration.
Enable and configure two-factor authentication
So, in your Yandex account, click on the account and go to the section Passport. Then - in the section Access Control press Set up two-factor authentication.
A window of the same name opens, in which you need to go through the steps of enabling and configuring two-factor authentication.
In the first step, we indicate the phone number and confirm it by receiving a code via SMS over the phone.
The next step is to create a PIN code. It is required to access the Yandex.Key application, installed on your smartphone or tablet.
The PIN code can consist of 4 to 16 digits. Enter them in the field and click Create.
A window will open with a QR code and a proposal to add your account to the Yandex.Key application.
Installing the Yandex.Key application
We launch it and a yellow button appears at the bottom of the window that opens with a suggestion - Add an account to the application.
We press the button, a window will open on the smartphone screen in which you need to enter the previously invented PIN code.
Once the PIN code is entered, the camera will automatically turn on. We point the camera at the QR code in the monitor window and wait for authorization.
Another way to login
Otherwise, to organize two-factor authentication after entering the PIN code, you can choose the option of receiving a 30-second one-time password.
In the fourth step of setting up two-factor authentication, you need to link the Yandex.Key program to your Yandex account. To do this, enter the one-time password received on your smartphone.
If it turns out that it is impossible to enter it in time, then you need to wait for the next time the numbers appear on the smartphone and enter it.
After entering, press the button Turn on and that’s all, the Yandex.Key program is activated and from now on two-factor authentication should work.
Now on all devices - computer, smartphone - you need to log out and log into your account again with the existing one-time password, or with a QR code, using the Yandex.Key application on your mobile phone.
In Yandex.Mail we receive a letter notifying that two-factor authentication is working.
In the received letter you can also find recommendations for setting up new access and using two-factor authentication.
Yandex two-factor authentication for other services
For Yandex.Mail, Ya.Disk and other Yandex services, it is possible to create different passwords. This will significantly increase the level of security of personal data and the account as a whole. You can read about their safe storage.
To do this, go again to the section Passport - Access Control. We select the program, in this case - Disk access.
For convenience, we call this connection, for example, My disk and press Create a password.
So, the password has been created, and it will only be displayed once. Therefore, if it is not saved, then it is better to delete it in the future and create it again.
Now you can connect to a Yandex network drive. Through any file manager we gain access to Yandex.Disk using this password.
Thus, Yandex.Disk and the main Yandex account will be protected with separate passwords using the two-factor authentication function.
Disable two-factor authentication
If in the future you want to stop using two-factor authentication, then just go to the section Access Control and go through the shutdown procedure.
That is, we press the switch Off enter the one-time password issued by Yandex.Key, click Confirm.
Thus, two-factor authentication of the Yandex account is disabled. You must keep in mind that in this case, passwords for Yandex.Disk and other services, if they are created, are also reset.
Hello again everyone. Agree, the most important thing when working on the Internet is safety. She needs special attention. When registering on an important site, you should create a strong password or use. Because the more complex the combination of letters and numbers, the more difficult it will be for attackers to hack it. However, there are times when hackers manage to gain access to your account, for example, to your personal email. This is very sad: important information may end up in the wrong hands and can be used against you, correspondence with your partners may be completely deleted, etc. In a word, your account should be protected like the apple of your eye.
To increase security, many services offer two-factor authentication. Today we will look at what this is using the example of Yandex mail.
When you enable this feature, an attacker, even if he guesses your main password correctly, will not be able to get into your mailbox. Because to do this you will need to specify a random one-time password, which is generated by a special application on your smartphone or tablet. Now we will try to tell you in detail how to enable two-factor authentication in Yandex. In the future, there will be a similar review on Google Mail and Mail.ru.
So, to connect this function we need a smartphone or tablet. Go to your Yandex mailbox. If you don't have one yet, create one. How? Read in.
After we have logged into our account, click on your account and select “ Account Management»
A Yandex passport will open with all sorts of settings. In the block " Access control"follow the link" Set up two-factor authentication»
Now we have to go through 4 steps.
1 step. Confirming your phone number.
After enabling the new feature, your account will be linked to your phone number. Therefore, indicate the number to which you have free access. After that, click on the button “ to get the code»
In a couple of seconds you will receive an SMS message containing the code that we enter in the field...
... and click " Confirm»
Step 2. Pin code.
In order for the application to generate a one-time password, you need to enter a PIN code, the one that we will now indicate. Attention!!! Remember this code and do not share it with anyone. Even if your phone is stolen, without knowing your PIN code, attackers will not be able to use this application.
Enter your PIN code, then repeat. To open symbols, click on the eye. This way you can make sure you typed everything correctly. And click " Create».
Step 3. Yandex Key mobile application.
At this stage, we need to install the very application that will create one-time passwords. Click on the button “ Get a link to your phone».
Let's move on. An Android phone will automatically open the Google Play service with an offer to install the Yandex Key application. Let's install it.
Open Yandex Key. After a few introductory pages, you will be asked to scan a QR code. The app will ask for permission to access your camera. We agree. Next, we point the camera at the monitor screen so that the square with the QR code falls into the camera lens. The application will automatically scan and add your account. If scanning fails, you can maintain a secret key. To view it, click on the link " Show secret key"under the QR code. In the application, also select the method for entering the secret key.
Now let's move on to the next step.
Step 4. Entering a one-time password from the Yandex key.
We launch our application on our gadget. Now you will need to enter your PIN code. And after that you will see that same random one-time password.
The password is updated every 30 seconds. Therefore, have time to enter it in the field before updating and click the “ Turn on».
That's it, we have enabled two-factor authentication for our Yandex account.
Let's check how it works. Log out of your current account.
Now you can log into your account in 2 ways. 1) enter your login (or Yandex email address) and then enter NOT the password we used before, permanent, but the ONE we receive in the Yandex mobile application key after entering the PIN code. And click the Login button. Second way means logging in using QR code. Click on the QR code icon (to the right of the Login button).
Then we get to this page
We follow the instructions: launch Yandex Key, enter our PIN code and then select “ Login using QR code»
Then we point the camera of the tablet or phone at the QR code. The application scans the code and we get access to our mail.
How to disable two-factor authentication in Yandex
If for some reason you decide to disable two-factor authentication, then this can be done quickly and easily. Log in to your mailbox, go to Account Management (see where and how to do this at the beginning of this article) and turn off this function.
In the next step we need to enter a one-time password from the Yandex Key application
Enter it and confirm.
Create a new password (this time permanent), repeat it and save it.
That's it, now our two-factor authentication is disabled. The permanent password created in the previous step will be used to log in.
So, today we looked at how to make our Yandex mail account more secure by connecting two-factor authentication to it. Are you using this feature? Share in the comments.
And that's all for today. See you again!
Every person should have a dream. A dream is what drives a person. When you are little, you dream of growing up. A dream must first become a goal. Then you must achieve your goal. And you should have a new dream!
When using the Yandex.Key application, to log into a Yandex account or the profile of a third-party application that uses a Yandex account, enter a one-time password instead of a regular password.
Main features of the Yandex.Key application
Several numbers or fingerprint
You will no longer have to create complex passwords to protect your Yandex account. You need to remember an access code ranging from 4 to 16 digits. These numbers will be used to create a unique one-time password that is valid for one minute. Additionally, you can use Touch ID (iOS) to scan your fingerprint instead of entering a PIN.
Data protection
Yandex.Key protects your account from hacking, and your personal data from theft. One-time passwords will only be available to you on your trusted mobile device.
Easy setup
You can add accounts manually. To do this, you need to enter data from the service that you want to use. Automatic configuration is available by scanning a QR code generated in the service.
Can be used without Internet
The Yandex.Key mobile application does not require an active Internet connection to add an account and generate one-time passwords. In addition, you do not need to wait for SMS messages with a verification code.
Additional functions
Yandex.Key supports the generation of 6-digit and 8-digit passwords depending on the requirements of a particular service. In addition, Yandex.Key can update one-time passwords at specified intervals, and not just after 30 seconds.
High safety standards
Yandex.Key supports two-factor authentication (or two-step verification) on all devices that use RFC 6238 and RFC 4226 algorithms, with the exception of services that use only SMS messages.
Backup
The user can create a backup copy of Yandex.Key data on Yandex servers to protect against possible problems with the device. The backup will be encrypted using a password known only to you.
What's new in version 2.6.0 for iOS
- The reason why Yandex.Key crashed when trying to access from another application has been fixed.
- Improved interaction with TouchID. Now you don't need to scan your fingerprint twice to unlock Yandex.Key or generate a one-time password for your Yandex account.
- Interface improvements.
What's new in the Android version
- The causes of Yandex.Key failure have been fixed.
- Interface improvements.
