Home-Word-Two-factor authentication in Yandex. Login with two-factor authentication Yandex key access recovery

Two-factor authentication in Yandex. Login with two-factor authentication Yandex key access recovery

Attention. Applications developed in Yandex require a one-time password - even correctly created application passwords will not work.

  1. Login using QR code
  2. Transfer of Yandex.Key
  3. Master password
  4. How one-time passwords depend on precise time

Login to a Yandex service or application

You can enter a one-time password in any form of authorization on Yandex or in applications developed by Yandex.

Note.

You must enter the one-time password while it is displayed in the application. If there is too little time left before the update, just wait for the new password.

To receive a one-time password, launch Yandex.Key and enter the PIN code that you specified when setting up two-factor authentication. The application will start generating passwords every 30 seconds.

Yandex.Key does not check the PIN code you entered and generates one-time passwords, even if you entered your PIN code incorrectly. In this case, the created passwords also turn out to be incorrect and you will not be able to log in with them. To enter the correct PIN, just exit the application and launch it again.

Login using QR code

Some services (for example, the Yandex main page, Passport and Mail) allow you to log into Yandex by simply pointing the camera at the QR code. In this case, your mobile device must be connected to the Internet so that Yandex.Key can contact the authorization server.

    Click on the QR code icon in your browser.

    If there is no such icon in the login form, then you can only log in to this service using a password. In this case, you can log in using the QR code in the Passport, and then go to the desired service.

    Enter your PIN code in Yandex.Key and click Login using QR code.

    Point your device's camera at the QR code displayed in the browser.

Yandex.Key will recognize the QR code and send your login and one-time password to Yandex.Passport. If they pass the verification, you are automatically logged in to the browser. If the transmitted password is incorrect (for example, because you entered the PIN code incorrectly in Yandex.Key), the browser will display a standard message about the incorrect password.

Logging in with a Yandex account to a third-party application or website

Applications or sites that need access to your data on Yandex sometimes require you to enter a password to log into your account. In such cases, one-time passwords will not work - you need to create a separate application password for each such application.

Attention. Only one-time passwords work in Yandex applications and services. Even if you create an application password, for example, for Yandex.Disk, you will not be able to log in with it.

Transfer of Yandex.Key

You can transfer the generation of one-time passwords to another device, or configure Yandex.Key on several devices at the same time. To do this, open the Access Control page and click the button Replacing the device.

Several accounts in Yandex.Key

The same Yandex.Key can be used for several accounts with one-time passwords. To add another account to the application, when setting up one-time passwords in step 3, click the icon in the application. In addition, you can add password generation to Yandex.Key for other services that support such two-factor authentication. Instructions for the most popular services are provided on the page about creating verification codes not for Yandex.

To remove an account link to Yandex.Key, press and hold the corresponding portrait in the application until a cross appears to the right of it. When you click on the cross, the account linking to Yandex.Key will be deleted.

Attention. If you delete an account for which one-time passwords are enabled, you will not be able to obtain a one-time password to log into Yandex. In this case, it will be necessary to restore access.

Fingerprint instead of PIN code

You can use your fingerprint instead of a PIN code on the following devices:

    smartphones running Android 6.0 and a fingerprint scanner;

    iPhone starting from model 5s;

    iPad starting with Air 2.

Note.

On iOS smartphones and tablets, the fingerprint can be bypassed by entering the device password. To protect against this, enable a master password or change the password to a more complex one: open the Settings app and select Touch ID & Passcode.

To use enable fingerprint verification:

Master password

To further protect your one-time passwords, create a master password: → Master Password.

With a master password you can:

    make it so that instead of a fingerprint, you can only enter the Yandex.Key master password, and not the device lock code;

Backup copy of Yandex.Key data

You can create a backup copy of the Key data on the Yandex server so that you can restore it if you lose your phone or tablet with the application. The data of all accounts added to the Key at the time the copy was created is copied to the server. You cannot create more than one backup copy; each subsequent copy of data for a specific phone number replaces the previous one.

To retrieve data from a backup, you need to:

    have access to the phone number that you specified when creating it;

    remember the password you set to encrypt the backup.

Attention. The backup copy contains only the logins and secrets necessary to generate one-time passwords. You must remember the PIN code that you set when you enabled one-time passwords on Yandex.

It is not yet possible to delete a backup copy from the Yandex server. It will be deleted automatically if you do not use it within a year after creation.

Creating a Backup

    Select an item Create a backup in the application settings.

    Enter the phone number to which the backup will be linked (for example, "380123456789") and click Next.

    Yandex will send a confirmation code to the entered phone number. Once you receive the code, enter it in the application.

    Create a password that will encrypt the backup copy of your data. This password cannot be recovered, so make sure you don't forget or lose it.

    Enter the password you created twice and click Finish. Yandex.Key will encrypt the backup copy, send it to the Yandex server and report it.

Many users whose activities are related to making money on the Internet or storing important information online try to protect their accounts from hacking and theft of confidential data.

Of course, a complex password, including numbers and letters, as well as special characters, is quite reliable protection, but two-factor authentication provides the maximum effect.

However, not every person knows about this option for protecting their accounts, and this despite the fact that today more and more services (mail providers, social networks, etc.) offer to take advantage of this opportunity.

What is two-factor authentication?

So, what type of protection are we talking about? In fact, you've already seen two-step verification. For example, when you are going to perform any operation with money on the WebMoney website, then, in addition to your login and password, you will need to indicate a confirmation code that will be sent to your mobile phone.

In other words, two-factor authentication is the second key to your account. If you activate this option, for example, in Evernote (there is such an option), then an attacker who managed to guess the password for this notes service will face another problem - the requirement to specify a one-time code that is sent to your phone number. It is worth noting that if an attempt is made to hack your account, you will receive an SMS and you will be able to instantly change your password.

Agree that this is a very convenient option, using which you will worry less about the loss of personal information.

Where is the best place to use it?

Of course, some users may object, arguing that two-step authentication is too much “unnecessary steps”, and in general, it is intended for paranoid people who always think that someone is watching them.

Perhaps they are right in some ways. For example, for social networks it is not at all necessary to use this method of protection. Although here one can argue. As a rule, attackers try to hack the accounts of administrators of popular “publics.” And you, most likely, would also not want to one day notice that your account in one of the “social networks” was hacked and completely indecent photos were posted on the “Wall”.

As for other services, for example, Yandex two-factor authentication will allow you to safely store your registration data from WebMoney and others) or letters containing secret information.

Google Account Protection

One of the most popular services today is Google. This is where you can register an email account, store documents on Google Drive, create a free blog or channel on YouTube, which can later bring you profit.

In order for users to be confident in the safety of documents stored on mail or disk, they are offered two-factor authentication by Google. To activate it, you must log into your account.

Now, having opened, for example, your mailbox, pay attention to the avatar in the upper right corner. Click on it and go to “My Account”. Here you need the “Security and Login” section, namely the “Sign in to Google Account” link.

On the right you will see the “Two-Step Verification” option, where you need to click the arrow to activate it. A window will open in which you are interested in the “Proceed with setup” button. Enter your password and follow further instructions.

Two-factor authentication "Yandex"

Yandex also offers its users quite a lot of useful services. In addition to cloud storage of information on Yandex.Disk, you can get yourself an electronic wallet where you will withdraw the money you earn on the Internet.

And, of course, Yandex did not stand aside and also offers its users to use two-factor authentication to protect documents stored in the mailbox.

To enable it, you will need to follow a few simple steps. Log in to your account and click LMB on your profile photo (top right corner). Select "Passport" from the drop-down menu. A window will open in which you need to click on the “Access Control” link. Set the “slider” to the “ON” position. You will be redirected to a page where you need to click on the “Start setup” button. Now go through the 4 steps to activate two-factor protection.

Social network "VKontakte"

As mentioned above, attackers usually try to gain access to the accounts of “admins” of popular groups. But this is not always the case, because simply the personal correspondence of some person well-known on the Internet may be of interest.

It is worth noting that for some users, this method of protecting an account begins to cause irritation over time, since it requires constant entry of a secret code, in addition to the login and password. In such cases, you need to know how to disable two-factor authentication. However, first we will deal with activating this option.

In fact, enabling two-step verification is very simple. Select "My Settings" and then go to the "Security" tab. In the “Login Confirmation” section, click on the “Connect” button. Now follow all the requirements one by one.

Disable two-factor authentication

In order to deactivate two-step protection in Yandex, you will need to go back to your “Passport” by clicking on your avatar. After that, open the “Access Control” section and set the slider to the “Off” position.

Conclusion

Now you know what two-loop authentication is and why it is needed. When using a particular service, you can activate this additional protection or refuse this feature.

Of course, in some cases it is highly recommended to enable two-step verification. For example, when registering on WebMoney, you indicated your email from Yandex. When working on the Internet, you can become a victim of hackers who will hack your mailbox and gain access to your electronic wallet. To prevent this from happening, it is better to install and link your e-mail to your phone. This way you can react quickly if they try to hack you.

Note. To move your account to a different smartphone or tablet, open the page and click Change device.

Setting up 2FA takes a few steps Two-factor authentication will only activate after you click Complete setup .

  1. Step 2. Create a PIN code
  2. Step 3. Set up Yandex.Key

Step 1. Confirm your phone number

If you already linked your phone number to your account, the browser will display this number and ask if you want to confirm it or change it. If your current phone number is not linked to your account, you must link it or else you will not be able to restore access to your account on your own.

To link or confirm a number, request that a code be sent via SMS and then enter it into the form. Once you"ve entered the code correctly, click Confirm to proceed to the next step.

Step 2. Create a PIN code

Think of a four-digit PIN code and enter it for two-factor authentication.

Attention. As with bank cards, you shouldn't share your PIN code with anyone and it cannot be changed. If you forget your PIN code, Yandex.Key cannot generate a correct one-time password, and access to your account can only be restored by contacting our Support Dept.

Click Create to confirm your PIN code.

Step 3. Set up Yandex.Key

The Yandex.Key app is required to generate one-time passwords for you account. You can get a link to the app directly on your phone or you can install it from App Store or Google Play.

Note. Yandex.Key may request access to your camera in order to recognize QR codes when accounts are added or when you sign in using a QR code .

In Yandex.Key, tap the Add account button. Yandex.Key will turn on your camera in order to scan the QR-code displayed in the browser.

If the QR code cannot be read, click Show secret key in the browser, or on Add it manually in the app. Instead of the QR-code, the browser will display a sequence of characters that must be entered into the app.

When it recognizes your account, your device will request the PIN code you created during step two.

Step 4. Check your one-time password

To make sure you have set everything up correctly, enter your one-time password. Two-factor authentication will only work if you enter the correct password.

The Yandex.Key service has been launched - two-factor authentication from Yandex

Personal data protection is one of the most important issues on the Internet. Losing access to your account, be it mail or a social network, is akin to a disaster - like coming home and discovering that the key does not fit the lock. It is no coincidence that there are many tips on the Internet on how to protect your account from hacking, and perhaps the most popular of them is to use complex passwords and change them regularly. This is, of course, not bad, but constantly remembering new complex passwords can be quite tedious.

Especially for those who are concerned about the security of their account, Yandex has launched a beta version of two-factor authentication. With it, the key to your account will be only in your hands. More precisely, in your smartphone.

When logging in to Yandex - or any other site - you enter your username and password. The system checks whether the password matches the login and lets you in if everything is in order. But the password is only one verification factor. There are systems for which one factor is not enough. In addition to a password, they require, for example, a special code sent via SMS, or a USB key that must be inserted into the computer. These systems use two-factor or multi-factor authentication.

For our two-factor authentication scheme, we created Yandex.Key - a mobile application for iOS and Android. It is enough to consider the QR code on the Yandex main page, in the Passport or in the Mail authorization field as an application - and you will find yourself in your account.

To use the Key, you need to enable two-factor authentication, install the application and link it to your account. Then you set a four-digit PIN code in the application. This code will become one of the factors, part of the “secret”, based on which the algorithm will create one-time passwords. The second factor is stored in the smartphone. When you subsequently read the QR code in the authorization form, the application will send your login and one-time password to the Yandex servers. The server will check them and give the page a command to let you in or not.

When you can’t read the QR code, for example, your smartphone camera doesn’t work or you don’t have access to the Internet, you can enter a one-time password manually. Entering a password in this case replaces reading a QR code - the only difference is that the password is not sent to the servers automatically; instead, you enter it in the authorization form along with your login. A one-time password is valid for only 30 seconds. This is done so that it cannot be stolen from your computer (for example, using a program that remembers passwords entered into the browser).

No one but you will be able to use the Key to log into your account, because when generating passwords, the Key uses the PIN code that you came up with. Without the correct PIN code, the application will create incorrect passwords that will not work for your account. If you have an Apple smartphone or tablet with Touch ID, you can use a fingerprint instead of a PIN code.

First, log into your main Yandex account, if you have one. If it doesn’t exist yet, you can always create it after simple registration.

Enable and configure two-factor authentication

So, in your Yandex account, click on the account and go to the section Passport. Then - in the section Access Control press Set up two-factor authentication.

A window of the same name opens, in which you need to go through the steps of enabling and configuring two-factor authentication.

In the first step, we indicate the phone number and confirm it by receiving a code via SMS over the phone.

The next step is to create a PIN code. It is required to access the Yandex.Key application, installed on your smartphone or tablet.

The PIN code can consist of 4 to 16 digits. Enter them in the field and click Create.

A window will open with a QR code and a proposal to add your account to the Yandex.Key application.

Installing the Yandex.Key application

We launch it and a yellow button appears at the bottom of the window that opens with a suggestion - Add an account to the application.

We press the button, a window will open on the smartphone screen in which you need to enter the previously invented PIN code.

Once the PIN code is entered, the camera will automatically turn on. We point the camera at the QR code in the monitor window and wait for authorization.

Another way to login

Otherwise, to organize two-factor authentication after entering the PIN code, you can choose the option of receiving a 30-second one-time password.

In the fourth step of setting up two-factor authentication, you need to link the Yandex.Key program to your Yandex account. To do this, enter the one-time password received on your smartphone.

If it turns out that it is impossible to enter it in time, then you need to wait for the next time the numbers appear on the smartphone and enter it.

After entering, press the button Turn on and that’s all, the Yandex.Key program is activated and from now on two-factor authentication should work.

Now on all devices - computer, smartphone - you need to log out and log into your account again with the existing one-time password, or with a QR code, using the Yandex.Key application on your mobile phone.

In Yandex.Mail we receive a letter notifying that two-factor authentication is working.

In the received letter you can also find recommendations for setting up new access and using two-factor authentication.

Yandex two-factor authentication for other services

For Yandex.Mail, Ya.Disk and other Yandex services, it is possible to create different passwords. This will significantly increase the level of security of personal data and the account as a whole. You can read about their safe storage.

To do this, go again to the section Passport - Access Control. We select the program, in this case - Disk access.

For convenience, we call this connection, for example, My drive and press Create a password.

So, the password has been created, and it will only be displayed once. Therefore, if it is not saved, then it is better to delete it in the future and create it again.

Now you can connect to a Yandex network drive. Through any file manager we gain access to Yandex.Disk using this password.

Thus, Yandex.Disk and the main Yandex account will be protected with separate passwords using the two-factor authentication function.

Disable two-factor authentication

If in the future you want to stop using two-factor authentication, then just go to the section Access Control and go through the shutdown procedure.

That is, we press the switch Off enter the one-time password issued by Yandex.Key, click Confirm.

Thus, two-factor authentication of the Yandex account is disabled. It should be borne in mind that in this case, passwords for Yandex.Disk and other services, if they are created, are also reset.



Related publications: