Sell on Amazon Sign in
This article applies to selling in: United Kingdom

About Two-Step Verification

What is Two-Step Verification?

Two-Step Verification (2SV) is Amazon’s Multi-Factor Authentication (MFA) solution. It provides two authentication challenges, requiring both a static knowledge challenge (password) and a dynamic knowledge challenge (OTP), offering better protection than a static password alone.

2SV helps you protect your account against Account Take Over (ATO). Due to the practice of password reuse, when breaches happen externally, Amazon customers who re-use the same password with Amazon are put at risk. Anyone who knows your password will be able to sign in to your account. 2SV protects against such occurrences.

How does Two-Step Verification work?

After enabling 2SV, when you sign in to Seller Central, you will need to complete a password challenge and a One-Time Password (OTP) challenge. The OTP will either be sent to an enrolled phone number via SMS or voice call, or generated by an authenticator app. Without knowing the password and knowing the OTP, it will not be possible to sign in. For your protection, treat the OTP with as much protection as your normal password, until after it has been used. If a bad actor knows your password, and knows your OTP before it is used, they will be able to sign in to your Amazon account.

What are the device requirements for Two-Step Verification?

When you first activate 2SV, you will need to designate two different 2SV authenticators – one will be your primary method and the other will serve as a backup if you lose access to the primary device.

You can receive OTPs using the following options: An authenticator app, voice call via mobile or landline phone, or via SMS. Authenticator apps are recommended because they are easy to use, do not require access to a network and are available for free via app stores on personal computers and smart devices – including mobile phones and tablets. For more information, see Use an authenticator app for Two-Step Verification.

You cannot use an authenticator app as both your primary and backup method, so you will need to choose an SMS or voice-enabled phone as either your primary or backup methods for receiving your OTP. The following table outlines both primary and backup options available to you:

If primary method for receiving OTP is Select one of the following as your backup method
SMS-enabled phone (for text messages)
  • Different voice-enabled phone*
  • Different SMS-enabled phone*
  • Authenticator app
Voice-enabled phone (landline)
  • Different voice-enabled phone*
  • Different SMS-enabled phone*
  • Authenticator app
Authenticator app
  • SMS-enabled phone
  • Voice-enabled phone
* You cannot use the same telephone number for both your primary and backup method for receiving OTPs.

Typically, you will only use your primary method for receiving OTPs; however, if you do not have access to your primary method or you are not receiving your OTPs, you can have your OTP sent to your backup method by clicking Didn’t receive the code?

If you lose or change the phone number of your primary method for receiving your OTP, you can always update it in Seller Central once you have successfully signed in using your backup method. To make changes to your primary and secondary methods, you must have access to at least one of your devices. If you do not have access to either your primary or secondary methods, see Two-Step Verification Account Recovery.

What if I don’t have a second phone number or a mobile phone for Two-Step Verification?

A mobile phone is not a requirement for 2SV. In addition to using an authenticator app, you can always receive your OTP by voice call to a landline.

For more information on authenticator apps, see Use an authenticator app for Two-Step Verification.

How do I enable Two-Step Verification?

If you are an existing Seller Central user who has not enabled 2SV, you will be prompted to activate 2SV the next time you sign in to Seller Central. Click Enable Two-Step Verification and follow the on-screen instructions.

You can also access the Advanced Security Settings page from the Retail site, which will take you through an identical experience.

  • 2SV is tied to your Amazon account. If you use the same account for both your Amazon buyer and seller activity, 2SV will be applied to both experiences.
  • If you haven’t already done so, Amazon recommends that you create individual accounts with different email addresses, via User Permissions, for everyone accessing your seller account. Not doing so could pose a security risk for you in the future and could cause loss of access to anyone else using that particular account. See the Help topic Set user permissions for more information.
  • If you already have individual seller accounts for each user accessing your seller account, each account will need to enable 2SV separately.

For a step-by-step guide on enabling 2SV, see How to enable Two-Step Verification.

Do I always need to be challenged with OTP when I sign in to my account?

After you have successfully signed in to your account through the 2SV process, you can simplify future sign-in on computers and devices that you routinely use.

The next time you enter your OTP on your computer or device, tell us not to ask for an OTP on that device in the future by clicking the check box next to Don’t ask for codes on this device.

Note: The “Don’t ask for codes” setting degrades the security of the account for that device as it suppresses the OTP challenge. This setting may also reset itself for a number of reasons beyond Amazon’s control. If so, Amazon will be unable to help you with most of the issues you might experience related to the OTP challenge. We can, however, tell you that the following actions may interfere with the 2SV OTP “Don’t ask for codes” feature:
  • Setting your browser to block the use of cookies.
  • Clearing your cache or deleting cookies (check your web browser settings).
  • Updates to your PC, device or apps on your device, including your web browsers.
  • Accessing Seller Central from a web browser other than the one that you used to add your trusted device.
  • Using a browser toolbar that affects browser settings.
  • Using anonymous browser mode or programs that obscure identity, including the use of proxy and VPN servers.
  • If you have used the seller mobile app, logging out of it might reset the trusted device status on your mobile device.

Accessing Seller Central from different locations or networks (LAN, WAN, WLAN), or changes to your IP address. Having multiple users who use the same credentials may increase these occurrences, so make sure that each person accessing your account has their own credentials. See Set user permissions for more information.

Note: You can access your Advanced Security Settings at any time to identify the number of devices that suppress the OTP challenge during sign-in. Here, you can clear this setting for all devices by selecting Require codes on all devices. We do not have the ability to clear the setting on specific devices. However, once all devices have been cleared, you can re-select the Don’t ask for codes on this device option upon your next sign-in with that device.

Sign in to use the tool and get personalised help (desktop browser required). Sign in


Reach Hundreds of Millions of Customers

Start Selling on Amazon


© 1999-2022, Amazon.com, Inc. or its affiliates