How to disable two-factor authentication in Yandex. Login with two-factor authentication. Yandex.Key data backup

We continue our discussion of authenticators for Android. Let me remind you that in the last article, we studied not only famous applications for two-factor authentication - Google Authenticator and Azure Authenticator, but also a universal solution of a profile developer - Authy 2-Factor Authentication. This is what became optimal.

Now we'll talk about the domestic authenticator - Yandex.Klyuch, designed to replace Google Authenticator. The application looks interesting, offers two types of authorization and its own protection. However, we will not give him positive marks in advance and will check everything thoroughly.

The second participant will be FreeOTP Authenticator - an open source program, which in turn can become a benchmark for such solutions. But these are only the first assumptions, so let's not beat the bush and start.

A DEXP Ursus 8EV2 3G tablet (Android 4.4.2, MT8382 processor, 4 x Cortex-A7 1.3 GHz, Mali-400 MP2 video core, 1 GB of RAM, 4000 mAh battery, 3G module, Wi-Fi 802.11 b / g / n) and Homtom HT3 Pro smartphone (Android 5.1 Lollipop, MT6735P processor, 4 x Cortex-A53 1.0 GHz, 64-bit, Mali-T720 video core, 2 GB RAM, 3000 mAh battery, 4G module, Wi -Fi 802.11b / g / n)

Yandex.Key

Acquaintance

“This is an authenticator that creates one-time passwords (OTP) for logging into Yandex, Facebook, Google, GitHub, Dropbox, VKontakte and other services that support two-factor authentication (2FA). On Yandex, you will enter the password created by the Key instead of the regular password, and on other services, along with the regular one. "

The description on Google Play speaks for itself and there is not much to add, except the fact that some users prefer this application

Zvorotnyy star ">", "icon": "// yastatic.net/iconostasis/_/qOYT2LWpAjy_Ig4gGx3Kn6YO9ZE.svg","type":"service","id":96,"slug":"passport",nameKey ":" 96_name ")," alerts ":," documentPath ":" passport / authorization / twofa-login.html "," doccenter ":(" html_heads ":(" sources ":(" meta ":(" copyright ":" (C) Copyright 2019 "," DC.rights.owner ":" (C) Copyright 2019 "," DC.Type ":" concept "," DC.Relation ":" ../ authorization / twofa. html "," prodname ":" Passport "," DC.Format ":" XHTML "," DC.Identifier ":" twofa-login "," DC.Language ":" ru "," generator ":" Yandex Yoda DITA "," topic_id ":" twofa-login "," topic_name ":" "," doc_id ":" passport-guide "," doc_name ":" Help "," component_id ":" "," component_name ":" "," product_id ":" passport "," product_name ":" Passport "," description ":" "," product ":" passport "," product_realname ":" Passport "," doc_group ":" passport-guide " , "doc_group_name": "passport-guide", "section_name": "Logging in with two-factor authentication", "langs": "uk ru"), "title": "Logging in with two-factor authentication", "js": ["/ /yastatic.net/s3/locdoc/static/doccenter/2.257.0/b undles / index / _index.ru.no-bem.js "]," inlineJs ":," css ": [" // yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index .bidi.css "]," common ":(" js ": [" // yastatic.net/jquery/1.12.4/jquery.min.js "])," legacy ":(" js ": [" //yastatic.net/es5-shims/0.0.1/es5-shims.min.js"†,"css":"//yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/ index / _index.bidi.ie8.css "]))," meta ":" \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n \ n "," bundle ":(" styles ":" \ n "," js ":" \ n ")," lang ":" ru "," title " : "Logging in with two-factor authentication"), "menu": "", "document": "

Sign in with two-factor authentication

1. Login with QR code
2. Transferring Yandex.Key
3. Master password

Login to the Yandex service or application

You can enter a one-time password in any form of authorization on Yandex or in applications developed by Yandex.

Note.

Login with QR code

Passport

Login with a Yandex account to a third-party application or website

application password.

Transferring Yandex.Key

You can transfer the generation of one-time passwords to another device, or configure Yandex.Key on several devices at the same time. To do this, open the Access Control page and click Replacing the device.

Several accounts in Yandex.Key

setting up one-time passwords.

restore access.

Fingerprint instead of pin code

iPhone from 5s;

iPad from Air 2.

Note.

master password

Master password

With a master password, you can:

make it possible to enter only the Yandex.Key master password instead of the fingerprint, and not the device lock code;

Yandex.Key data backup

You can create a backup copy of the Key data on the Yandex server in order to be able to restore it if you have lost your phone or tablet with the application. The data of all accounts added to the Key at the time of the copy creation is copied to the server. You cannot create more than one backup copy, each subsequent copy of data for a specific phone number replaces the previous one.

To get data from a backup, you need:

have access to the phone number that you specified when creating it;

remember the password you set to encrypt the backup.

Attention. The backup contains only the logins and secrets required to generate one-time passwords. You must remember the PIN code that you set when you enabled one-time passwords on Yandex.

It is not yet possible to delete a backup from the Yandex server. It will be removed automatically if you do not use it within a year after its creation.

Making a backup

Select item Create a backup in the application settings.

Enter the phone number to which the backup will be linked (for example, "380123456789") and click Next.

Yandex will send a confirmation code to the entered phone number. Once you receive the code, enter it in the app.

Create a password to encrypt the backup of your data. This password cannot be recovered, so make sure you don’t forget or lose it.

Enter your password twice and click Finish. Yandex.Key will encrypt the backup, send it to the Yandex server, and notify about it.

Restoring from a backup

Select item Restore from backup in the application settings.

Enter the phone number that you used when creating the backup (for example, "380123456789") and click Next.

If a backup copy of the Key data is found for the specified number, Yandex will send a confirmation code to this phone number. Once you receive the code, enter it in the app.

Make sure the date and time of the backup, as well as the device name, match the backup you want to use. Then click the Restore button.

Enter the password that you set when creating the backup. If you do not remember it, unfortunately, it will be impossible to decrypt the backup copy.

Yandex.Key will decrypt the backup data and inform you that the data has been restored.

How one-time passwords depend on the exact time

When generating one-time passwords, Yandex.Key takes into account the current time and time zone set on the device. When an Internet connection is available, the Key also requests the exact time from the server: if the time is set incorrectly on the device, the application will correct it. But in some situations, even after the amendment and with the correct PIN code, the one-time password will be incorrect.

If you are sure that you are entering your PIN and password correctly, but you cannot log in:

Make sure your device is set to the correct time and time zone. After that, try logging in with a new one-time password.

Connect the device to the Internet so that Yandex.Key can get the exact time on its own. Then restart the app and try entering a new one-time password.

If the problem is not resolved, please contact support using the form below.

Give feedback on two-factor authentication

\ n "," minitoc ": [(" text ":" Login to the Yandex service or application "," href ":" # login "), (" text ":" Login using a QR code "," href ":" # qr "), (" text ":" Login with a Yandex account to a third-party application or site "," href ":" # third-party "), (" text ":" Transferring Yandex.Key "," href ":" # concept_mh4_sxt_s1b "), (" text ":" Several Yandex.Key accounts "," href ":" # more-accounts "), (" text ":" A fingerprint instead of a pin code "," href ":" # touch-id "), (" text ":" Master password "," href ":" # master-pass "), (" text ":" Backup copy of Yandex.Key data "," href ":" # backup "), (" text ":" How one-time passwords depend on the exact time "," href ":" # time ")]," mobile_menu ":" "," prev_next ":(" prevItem ": ("disabled": false, "title": "Login via email", "link": "/ support / passport / mail-login.html"), "nextItem" :( "disabled": false, "title": "Linking phone numbers", "link": "/ support / passport / authorization / phone.html")), "breadcrumbs": [("url": "/ support / passport / auth.html", "title": "Login to Yandex"), ("url": "/ support / passport / authorization / twofa-login.html", "title": "Sign in with two-factor authentication")], "useful_links": "", "meta" :( "copyright": "(C) Copyright 2019", "DC.rights.owner": "(C) Copyright 2019", " DC.Type ":" concept "," DC.Relation ":" ../ authorization / twofa.html "," prodname ":" Passport "," DC.Format ":" XHTML "," DC.Identifier ": "twofa-login", "DC.Language": "ru", "generator": "Yandex Yoda DITA", "topic_id": "twofa-login", "topic_name": "Login with two-factor authentication", "doc_id" : "passport-guide", "doc_name": "Help", "component_id": "", "component_name": "", "product_id": "", "product_name": "Passport", "description": " You can enter a one-time password in any form of authorization on Yandex or in applications developed by Yandex. "," Product ":" passport "," product_realname ":" Passport "," doc_group ":" passport-guide "," doc_group_name ":" passport-guide "," section_name ":" Login with two-factor authentication "," langs ":" uk ru ")," voter ":"

Was the article helpful?

No Yes

Please clarify why:

i don't like how it works

the content of the article does not match the title

the text is hard to understand

no answer to my question

another reason

Thanks for your feedback!

Tell us what you didn't like about the article:

send

"," lang ":(" current ":" ru "," available ": [" ru "," uk "]))," extra_meta ": [(" tag ":" meta "," attrs ":( "name": "copyright", "content": "(C) Copyright 2019")), ("tag": "meta", "attrs" :( "name": "DC.rights.owner", "content ":" (C) Copyright 2019 ")), (" tag ":" meta "," attrs ":(" name ":" DC.Type "," content ":" concept ")), (" tag " : "meta", "attrs" :( "name": "DC.Relation", "content": "../ authorization / twofa.html")), ("tag": "meta", "attrs": ("name": "prodname", "content": "Passport")), ("tag": "meta", "attrs" :( "name": "DC.Format", "content": "XHTML" )), ("tag": "meta", "attrs" :( "name": "DC.Identifier", "content": "twofa-login")), ("tag": "meta", "attrs ":(" name ":" DC.Language "," content ":" ru ")), (" tag ":" meta "," attrs ":(" name ":" generator "," content ":" Yandex Yoda DITA ")), (" tag ":" meta "," attrs ":(" name ":" topic_id "," content ":" twofa-login ")), (" tag ":" meta ", "attrs" :( "name": "topic_name", "content": "Login with two-factor authentication")), ("tag": "meta", "attrs" :( "name": "doc_id", "content ":" passport-guide ")), (" tag ":" meta "," attrs ":(" name ":" doc_name "," content ":" Help ")), (" tag ":" m eta "," attrs ":(" name ":" component_id "," content ":" ")), (" tag ":" meta "," attrs ":(" name ":" component_name "," content " : "")), ("tag": "meta", "attrs" :( "name": "product_id", "content": "passport")), ("tag": "meta", "attrs" :( "name": "product_name", "content": "Passport")), ("tag": "meta", "attrs" :( "name": "description", "content": "You can enter one-time password in any form of authorization on Yandex or in applications developed by Yandex. ")), (" tag ":" meta "," attrs ":(" name ":" product "," content ":" passport ")), ("tag": "meta", "attrs" :( "name": "product_realname", "content": "Passport")), ("tag": "meta", "attrs" :( "name": "doc_group", "content": "passport-guide")), ("tag": "meta", "attrs" :( "name": "doc_group_name", "content": "passport-guide")), ("tag": "meta", "attrs" :( "name": "section_name", "content": "Login with two-factor authentication")), ("tag": "meta", "attrs" :( " name ":" langs "," content ":" uk ru "))]," title ":" Login with two-factor authentication - Passport. Help "," productName ":" Passport "," extra_js ": [[(" elem ":" js "," url ":" // yastatic.net/jquery/1.12.4/jquery.min.js ", "block": "b-page", "elemMods" :(), "mods" :( "html-only": ""), "__ func136": true, "tag": "script", "bem": false, "attrs" :( "src": "// yastatic.net/jquery/1.12.4/jquery.min.js","nonce":"zRix3ekbWgiGTy+yQe2ohA=="),"__func67":true) ], [("elem": "js", "url": "// yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index.ru.no-bem.js", "block": "b-page", "elemMods" :(), "mods" :( "html-only": ""), "__ func136": true, "tag": "script", "bem": false, "attrs" :( "src": "// yastatic.net/s3/locdoc/static/doccenter/2. 257.0 / bundles / index / _index.ru.no-bem.js "," nonce ":" zRix3ekbWgiGTy + yQe2ohA == ")," __ func67 ": true)], [(" elem ":" js "," url ":" // yastatic.net/es5-shims/0.0.1/es5-shims.min.js","block":"b-page","elemMods":(),"mods":("html -only ":" ")," __ func136 ": true," tag ":" script "," bem ": false," attrs ":(" src ":" // yastatic.net/es5-shims/0.0. 1 / es5-shims.min.js "," nonce ":" zRix3ekbWgiGTy + yQe2ohA == ")," __ func67 ": true)]]," extra_css ": [, [(" elem ":" css "," ie ": null," url ":" // yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index.bidi.css","block":"b-page "," elemMods ":()," mods ":(" html-only ":" ")," __ func69 ": true," __ func68 ": true," bem ": false," tag ":" link "," attrs " :( "rel": "stylesheet", "href": "// yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index.bidi.css"))], [(" elem ":" css "," ie ":" lte IE 8 "," url ":" // yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index.bidi.ie8. css "," block ":" b-page "," elemMods ":()," mods ":(" html-only ":" ")," __ func69 ": true," __ func68 ": true," bem " : false, "tag": "link", "attrs" :( "rel": "styles heet "," href ":" // yastatic.net/s3/locdoc/static/doccenter/2.257.0/bundles/index/_index.bidi.ie8.css"))>">,"csp":("script -src ":)," lang ":" ru ")))">

Russian

Russian

Ukrainian

Sign in with two-factor authentication

For authorization in third-party applications and programs (mail clients, instant messengers, mail collectors, etc.), you should use application passwords.

Attention. Applications developed in Yandex require a one-time password - even correctly created application passwords will not work.

1. Login to the Yandex service or application
2. Login with QR code
3. Login with a Yandex account to a third-party application or website
4. Transferring Yandex.Key
5. Several accounts in Yandex.Key
6. Fingerprint instead of pin code
7. Master password
8. Yandex.Key data backup
9. How one-time passwords depend on the exact time

Login to the Yandex service or application

You can enter a one-time password in any form of authorization on Yandex or in applications developed by Yandex.

Note.

One-time password must be entered in time while it is displayed in the application. If there is too little time left before the update, just wait for a new password.

To get a one-time password, launch Yandex.Key and enter the pin code that you set when setting up two-factor authentication. The app will start generating passwords every 30 seconds.

Yandex.Key does not verify the PIN code you entered and generates one-time passwords, even if you entered your PIN code incorrectly. In this case, the created passwords also turn out to be incorrect and you will not be able to log in with them. To enter the correct PIN code, you just need to exit the application and start it again.

Features of one-time passwords:

Login with QR code

Some services (for example, the Yandex home page, Passport and Mail) allow you to log into Yandex by simply pointing the camera at the QR code. In this case, your mobile device must be connected to the Internet so that Yandex.Key can contact the authorization server.

Click on the QR code icon in your browser.

If there is no such icon in the login form, then this service can only be authorized with a password. In this case, you can log in using the QR code in Passport, and then go to the desired service.

Enter the pin code in Yandex.Key and click Sign in with QR code.

Point your device's camera at the QR code displayed in the browser.

Yandex.Key recognizes the QR code and sends your username and one-time password to Yandex.Passport. If they pass the test, you will be automatically logged into your browser. If the transmitted password turns out to be incorrect (for example, due to the fact that you entered the PIN code incorrectly in Yandex.Key), the browser will display a standard message about an incorrect password.

Login with a Yandex account to a third-party application or website

Applications or sites that need access to your data on Yandex sometimes require you to enter a password to log into your account. In such cases, one-time passwords will not work - you need to create a separate application password for each such application.

Attention. Only one-time passwords work in Yandex applications and services. Even if you create an application password, for example, for Yandex.Disk, you will not be able to log in with it.

Transferring Yandex.Key

You can transfer the generation of one-time passwords to another device, or configure Yandex.Key on several devices at the same time. To do this, open the page and click the button Replacing the device.

Several accounts in Yandex.Key

The same Yandex.Key can be used for multiple accounts with one-time passwords. To add another account to the application, when setting up one-time passwords in step 3, click the icon in the application. In addition, you can add password generation to Yandex.Key for other services that support such two-factor authentication. Instructions for the most popular services are given on the page about creating verification codes not for Yandex.

To remove the binding of an account to Yandex.Key, press and hold the corresponding portrait in the application until a cross appears to the right of it. When you click on the cross, the linking of your account to Yandex.Key will be removed.

Attention. If you delete an account for which one-time passwords are enabled, you will not be able to receive a one-time password to log into Yandex. In this case, it will be necessary to restore access.

Fingerprint instead of pin code

You can use your fingerprint instead of a pin code on the following devices:

smartphones running Android 6.0 and a fingerprint scanner;

iPhone from 5s;

iPad from Air 2.

Note.

On smartphones and tablets with iOS, the fingerprint can be bypassed by entering the device password. To protect against this, turn on the master password or change the password to a more complex one: open the Settings app and select Touch ID & Password.

To use enable fingerprint verification:

Master password

To further protect your one-time passwords, create a master password: → Master password.

I'll show you how to set up two-factor authentication in Yandex, this will help you secure your Yandex account from hacking.

We go into password management at passport.yandex.ru/profile/access... Here you can change your password or enable additional protection for your account - two-factor authentication. Click on the Two-Factor Authentication slider to enable it.

Connecting two-factor authentication takes place in several steps. You will need to open Yandex.Passport and the Yandex.Key mobile application in parallel. After completing the setup, you need to re-authorize on all devices.

Click start setup.

Here is your phone number to which the codes for setting will be received. Here you can also change the phone number associated with your Yandex account.

Setting up two-factor authentication. Step 1 of 5.

Confirm your phone number. This is your main Yandex number. You will need it if you lose access to your account. Click to get the code.

You will receive an SMS code from Yandex to your number.

Enter the SMS code from Yandex here and click confirm.

Setting up two-factor authentication. Step 2 of 5.

Download the Yandex.Key app. Now we go to the AppStore on your iPhone or iPad or in the Play Store on an Android smartphone or tablet and look for the Yandex.Key application. Or click to get a link to the phone.

The App Store or Play Market will open, click download to download the Yandex.Key application and install it on your smartphone or tablet.

If you need to enter your Apple ID password, then enter your Apple ID password.

After 30 seconds, the application will be downloaded to your smartphone, launch it by clicking on it.

Setting up two-factor authentication. Step 3 of 5.

Point your phone camera at the QR code and your account will be automatically added to the app. If the code cannot be read, try again or enter the secret key.

Let's move on to the smartphone again.

The Yandex.Key app creates one-time passwords for logging into Yandex. if you have already started setting up two-factor authentication on your computer, then click the "add account to the application" button.

Click to add an account to the application.

The "Key" program requests access to the "camera". Click allow to give the application access to the camera on your smartphone to scan the QR code from your computer screen.

Point the camera at the QR code displayed on your computer monitor and wait for the account to be added or add it manually.

Ready. The QR code has been scanned. The Yandex.Key application is ready to work.

Now we turn to the computer monitor.

Click create a pin code.

You need a PIN code every time you receive a one-time password in Yandex.Key, as well as to restore access to your account. Please keep your PIN confidential. Yandex service employees never ask him.

Come up with a four-digit pin code and click continue.

Setting up two-factor authentication. Step 4 of 5.

Checking the pin code. Be sure to remember the pin code. Once the setting is complete, it cannot be changed. If you enter an incorrect PIN code in the application, then it will generate incorrect one-time passwords.

Enter the PIN code you invented earlier and click check.

We return to the smartphone and the Yandex.Key app. Enter the pin code to get a one-time password.

After entering the pin code, you will receive a one-time password that will be valid for 20 seconds, during these 20 seconds you need to enter it on your computer in the two-factor authentication setting. If you do not have time to enter the password in 20 seconds, it will change to another, and so on. Enter the password that will be displayed on the screen of your smartphone.

Last step. Enter your password from Yandex.Key.

Use the PIN code to get a one-time password in the app. Make sure you memorize the pin-code, after completing the setting, you will not be able to change it.

What will change after enabling two-factor authentication:

• The old password will no longer work.
• You will need to re-authorize on Yandex on all devices (web services and mobile applications).
• You can access Yandex web services using a QR code without entering a password. If you cannot read the code, use the one-time password from Yandex.Key.
• You will be directed to Yandex mobile applications using a one-time password. It can be copied from Yandex.Key by long pressing.
• For other programs associated with your account (for example, mail clients or mail collectors), get application passwords in Passport.

Enter the one-time password that is displayed on the screen of your smartphone and click complete the setup.

Now, after entering the one-time password, you must enter the old password from the account. Yandex needs to make sure that such a major change in security settings is made by the account owner.

Enter the old password from Yandex account and click OK.

Ready. Two-factor authentication is complete. You have protected your account with one-time passwords. Now you need to log in to Yandex again on all devices. If you use email programs, for example, do not forget to get application passwords for them.

Click close.

Now if you use a Yandex account mailbox on your smartphone, you need to create a password for it.

Select the application type> Mail program.

And we select the operating system of your mail program. I use an iPhone, so I choose iOS.

And click Create Password to create a password for the email program on your smartphone.

Your iOS mailer password has been generated.

How to use the password:

• To give the application access to your data, specify this password in its settings.
• You don't need to remember your password: you only need it once. When you change your Yandex password, you will need to get a new application password.
• The app password is shown only once. If you close the page and don't have time to use it, just get a new one.

We enter the password that is displayed on your computer monitor into the Yandex mail mobile application on your smartphone.

Ready. Yandex's two-factor authentication works, you can move on.

Now, if you log out of your Yandex account and re-enter your username and password, they will write to you:

Invalid login-password pair! Login failed. Perhaps you have a different keyboard layout or you have pressed the "Caps Lock" key. If you are using two-factor authentication, make sure you enter the one-time password from the Yandex.Key app instead of the usual one. Try to log in again.

Now you need to open the Yandex.Key app, enter your PIN code and point the smartphone camera at the QR code. You will automatically enter your Yandex account after the smartphone reads the QR code from the monitor screen.

Other posts on the topic of security and 2-Step Verification:

You still don't know what it is two factor authentication?

This is the process of identifying a user.

It can be found on various services as a means that is used to secure your account.

With the help of two-factor authentication (2FA), you can better protect your own from possible unauthorized access.

When using such protection, certain data will be required from the user, which will be used to identify him.

This data can be divided into the following types:

• Passwords, secret words and pin codes;
• Various compact devices that protect user information and are able to identify him - tokens.

They do not require a connection to a computer, but they have their own display.

On this display, at the right moment, a number appears, the input of which will allow the user to freely enter the system.

Consider three services that use this method.

General 2FA concepts

Own tokens can be used.

The user will need to install a special application on a smartphone that can generate one-time passwords. One such application is Google Authenticator.

In order to make the protection of a specific resource as effective as possible, one-time passwords are synchronized in time and constantly updated.

That is, a specific time is given to enter such a password and, if it is exceeded, the password becomes invalid.

The basis for their creation is a specific mathematical formula, with its help you will not be able to guess the next, new one.

Sometimes, to use two-factor authentication, specific biometric (scanners) are used, they open access to the resource.

However, such protection is notable for its quality, but it is expensive.

For example, if you have injured your fingers and the scanner resolution is set to the highest resolution, you are unlikely to be able to identify yourself.

For all its complexity, two-factor authentication is not a panacea, but it creates quite serious difficulties for fraudsters.

To break your security, they will have to somehow steal your token or copy the codes it generates.

If you want to skip 2FA, all you need to do is simply restore your account.

If you start it up (for example, due to a lost password), then a few days later a letter will be sent to the mail notifying about the disconnection of authentication.

Areas of use

Today 2FA is used to protect accounts, various resources (cryptocurrency exchanges, etc.), e-mail boxes, etc.

It makes it possible to increase the level of security, given that you will have to perform several additional steps in order to log into your account.

When using a special token, you can protect the data available on your personal computer.

With it, you can easily create strong two-factor authentication both on the network and on your local computer.

To implement it, you can use usb keys or an eToken smart card.

This product will help to avoid unauthorized people trying to log in as an official user.

Google two-factor authentication

Google Authenticator

In order to use two-factor authentication, you will need to install a small program on your mobile device - Google Authenticator, which is necessary to generate one-time passwords.

If you decide to secure your account by installing 2FA, turn it on and enter your mobile phone number.

Go to the resource settings page and click on the button "Create" located at "Authenticator App" .

After that, launch Google Authenticator on your Android device and link it to your account.

This can be done in two ways:

If such a connection is not permanent, you can use another entry scheme, for example, the program Google Authenticator.

Using one-time codes

This option is also intended to identify the user when logging into a Google account.

It is a request and a printout of several codes at once.

The print itself is in the format of a business card, so it is convenient when stored in a purse or pocket.

Printed codes do not have a specific validity period and are valid until the last one is used or new ones are generated.

Google Security Key

For work, certain keys (FIDO U2F) are used that work only in the browser.

You must have a device in which there is a usb.

Because of these limitations, Google key authentication is not always acceptable.

Using unique passwords

There are some applications that do not have 2FA support.

These are old versions of IMAP mail clients.

You can request an unlimited number of unique passwords. If there is no need to use them, delete them.

These passwords will make it possible to open access to data, but it will be impossible for another person to log into your account.

You cannot steal the user's personal information, as this will require logging into your account.

During such a login, Google will require you to enter your account password, as well as a one-time identification code generated on a trusted device.

Burglary protection

Protect yourself from possible hacking and theft of personal information by using authenticator programs on your Android device.

As mentioned above, this is root or custom recovery (for example, TWRP).

Recovery is a program that will allow you to restore the OS.

There are other methods of hacking, up to the interception of SMS messages with a secret code.

To prevent a fraudster from using your personal data, do not be lazy to enable the encryption system for the section in which they are stored.

Use the pin code to unlock the screen, and not disable it using a face scanner or fingerprint, since such protection is easy enough to bypass.

In addition, it is not advisable to use receiving an access code via SMS delivery.

With this option, there is a possibility that the incoming message will be intercepted by malefactors.

Disable 2FA Google Account

Before you turn off the two-factor authentication installed on your account, this will significantly reduce the level of its security.

If this does not stop you - follow the steps described below.

Go to the main page of your account and open the section "Login and Security" .

On the tab that opens, select

You will be prompted to enter your registration data, namely your login and password.

In addition, the system will ask you to enter the generated code for confirmation.

After that, the 2FA disable function will become available to you.

By clicking on it, you will see a window requiring confirmation of this action.

If your intention is unbending, select the option "Disable" .

If you are logging in for the first time from a new device, the system will require you to provide a password and a generated six-digit code.

This code is a verification code and is displayed on all trusted devices of the user.

Any new device, after entering the generated code, automatically joins the existing number of trusted devices.

So, if you updated your equipment and purchased a Mac computer, then the first time you log in, the system will ask you to enter your existing password and a six-digit verification number.

This entered information will automatically appear on your.

Due to the fact that to enter your account requires knowledge of not only the password - the likelihood of theft of personal information stored on the company's servers is minimized.

After the first login, the verification code for this device will no longer be requested.

The need for the next input of the digital identifier will arise in case of logging out of the account.

If you most often log into your account using one browser that is on your PC installed on your computer, add it to the trusted list.

After that, each subsequent entry - except for the very first one - will be carried out automatically, and the introduction of the verification code is not required.

What can be considered verified Apple devices

To the category of such devices are all mobile devices of the company running an operating system not lower than iOS 9.

In the case of computers, they must have at least OS X EI Capitan operating system.

On iPhones, you can identify yourself by logging into your account.

If you log in from some other browser or device, it will be necessary to provide not only a valid password, but also a newly generated verification code.

Verified phone number

Having a mobile phone is a prerequisite for connecting two-factor authentication.

The verified phone number will receive calls or receive SMS messages with an access code.

The number of phone numbers can be any, but not less than one.

To obtain an identification code, you can use not only your personal phone number, but also the number of any family member. You can add your friend's phone number.

Do this as a last resort when it is not possible to use your devices.

First, log into the main Yandex account, if you have one. If it is not yet there, you can always create it after a simple registration.

Enabling and configuring two-factor authentication

So, in your Yandex account, click on the account and go to the section Passport. Then - in the section Access control push Set up two-factor authentication.

A window of the same name opens, in which, step by step, you need to go through the procedure for enabling and configuring two-factor authentication.

At the first step, we indicate the phone number, confirm it by receiving the code in the form of SMS by phone.

The next step is to create a pin code. It is required to access the Yandex.Key application installed on your smartphone or tablet.

The PIN code can be from 4 to 16 digits. We enter them in the field and click Create.

A window with a QR code will open and with a proposal to add your account to the Yandex.Key app.

Installing the Yandex.Key app

We launch it and a yellow button appears at the bottom of the window that opens with a proposal - Add an account to the application.

Click on the button, a window will open on the smartphone screen in which you need to enter the previously invented pin code.

As soon as the PIN code is entered, the camera will automatically turn on. We point the camera at the QR code in the monitor window and wait for authorization.

Another way to authorize

Otherwise, to organize two-factor authentication after dialing the pin-code, it is possible to select the option of receiving a 30-second one-time password.

In the fourth step of setting up two-factor authentication, you need to link the Yandex.Key program to your Yandex account. To do this, enter the one-time password received on the smartphone.

If it turns out that it is impossible to enter it in time, then you need to wait for the next appearance of the numbers on the smartphone and enter it already.

After entering, press the button Turn on and that's all, the Yandex.Key program is activated and from this moment two-factor authentication should work.

Now, on all devices - computer, smartphone - you need to log out and re-log into your account with the existing one-time password, or with a QR code using the Yandex.Key application on your mobile phone.

In Yandex.Mail, we receive an email notifying that two-factor authentication is working.

In the received letter, you can also get acquainted with the recommendations for setting up new access and using two-factor authentication.

Yandex two-factor authentication for other services

For Yandex.Mail, Ya.Disk and other Yandex services, it is possible to create different passwords. This will significantly increase the level of security of personal data and the account as a whole. You can read about their safe storage.

To do this, go back to the section Passport - Access Control... We choose a program, in this case - Disk access.

For convenience, we call this connection, for example, My drive and press Create a password.

So, the password has been created, and it will be displayed only once. Therefore, if it has not survived, then it is better to delete it in the future and create it anew.

Now you can connect to the Yandex network drive. Through any file manager, we get access to Yandex.Disk using this password.

Thus, Yandex.Disk and the main Yandex account will be protected with separate passwords using the two-factor authentication function.

Disable two-factor authentication

If in the future there is a desire to refuse the use of two-factor authentication, then for this it is enough to go to the section Access control and go through the shutdown procedure.

That is, we press the switch Off enter a one-time password issued by Yandex.Key, click Confirm.

Thus, two-factor authentication of the Yandex account is disabled. It should be borne in mind that passwords for Yandex.Disk and other services, if created, are also reset.