It is never too late to boost the security of users on your website. The latest portal to add two-factor authentication is Reddit which has finally rolled out the ability to doubly secure your account after months of testing. The two-factor authentication or 2FA adds a second layer of security by asking you to enter a 6-digit OTP-like verification code, each time you log in to your account.
With 2FA the need to enter a password remains. So essentially you authenticate with the password and the security code. Given the vulnerabilities modern servers have, it has become indispensable to add two-factor authentication. While a lot of you must be aware of the 2FA tool on Google account, we are listing down steps on how it will work for Reddit users.
The first thing to understand is 2FA is an opt-in method. If you think you have an unbreakable password then you may continue to make its solo use. In case you want to secure your account further, you can enable the 2FA by logging into you Reddit account -> click on preferences -> select password/email. Choose the option to enable two-factor authentication, and then follow the instructions to complete the process.
Once you activate, even if someone else has cracked your password, they will require your smartphone to get through the security code. According to The Verge, Reddit’s 2FA security can generate ten backup codes, in case you lose your phone or have trouble with the authenticator app, you can still access the account with one of those single-use codes.
The 2FA security tool works across platforms, including desktop, mobile, and third-party apps, and requires an authenticator app like Google Authenticator, Authy, or others which support Time-based One-Time Password (TOTP) protocol. Reddit does not offer support for hardware tokens or codes sent over SMS.
Reddit suggests users to choose a unique password, which has not been used on other sites. It is further advised to use a verified email address. Lastly, users should periodically check their account activity for recent logins to ensure there is no suspicious activity happening behind your back.