Two-step authentication using a built-in authenticator
You can use a built-in authenticator that's compatible with the WebAuthn standard as a second factor for logging in to your account. Built-in authenticators are integrated into a device you use as an authenticator. For example, you might set up your device to use biometric data, such as a fingerprint sensor or facial recognition. Some examples of a built-in authenticator are Windows Hello, and Apple Touch ID or Face ID. Alternatively, you might set up your devices to use a password or a PIN. Whatever you use to log in to your device is what you use for this method of two-step authentication.
Built-in authenticators only work on a single device. If you don't want to rely on a mobile device for two-step authentication, then you can choose the built-in authenticator on your laptop or desktop. If you use a built-in authenticator as your primary authentication method to log in to your account, then you should add a backup authentication method that doesn't rely on the built-in authenticator. Adding a different backup authentication method than the built-in authenticator lets you to log in to your account on other devices.
Steps:
- From your Shopify admin, click your store name in the topbar.
Click Manage account > Security.
In the Two-step authentication section, click Turn on two-step.
Enter your password, and then click Next.
From the Authentication method list, select Built-in authenticator.
Enter a name for your authentication device. If you use multiple authentication devices, ensure that you enter a name that is meaningful so that you can easily identify which authentication device is required. For example,
iPhone PIN
orLaptop fingerprint
.Click Turn on.
Follow the on-screen instructions for activating the authenticator.
Optional: Create a backup authentication method that you can use in case your primary authentication method is unavailable.
-
Save your recovery codes in case you're unable to use your primary or backup authentication method. Make sure that you store or save the recovery codes in multiple ways, including the following examples:
Now when you try to log in, you require the built-in authenticator for two-step authentication for that device.
On this page
What to do next
Consider setting up at least one backup authentication method that doesn't rely on the built-in authenticator so that you can log in to your account from a different device.