Two-step authentication using a built-in authenticator
You can use a built-in authenticator that's compatible with the WebAuthn standard as a second factor for logging in to your account. Built-in authenticators are integrated into a device you use as an authenticator. For example, you might set up your device to use biometric data, such as a fingerprint sensor or facial recognition. Some examples of a built-in authenticator are Windows Hello, and Apple Touch ID or Face ID. Alternatively, you might set up your devices to use a password or a PIN. Whatever you use to log in to your device is what you use for this method of two-step authentication.
Built-in authenticators only work on a single device. If you don't want to rely on a mobile device for two-step authentication, then you can choose the built-in authenticator on your laptop or desktop. If you use a built-in authenticator as your primary authentication method to log in to your account, then you should add a backup authentication method that doesn't rely on the built-in authenticator. Adding a different backup authentication method than the built-in authenticator lets you to log in to your account on other devices.
Steps:
- From your Shopify admin, click your store name in the topbar.
Click Manage account > Security.
In the Two-step authentication section, click Turn on two-step.
Enter your password, and then click Next.
From the Authentication method list, select Built-in authenticator.
Enter a name for your authentication device. If you use multiple authentication devices, ensure that you enter a name that is meaningful so that you can easily identify which authentication device is required. For example,
iPhone PIN
orLaptop fingerprint
.Click Turn on.
Follow the on-screen instructions for activating the authenticator.
Save your recovery codes in case you lose access to your mobile device. Make sure that you store them in a safe location offline that you can access in multiple ways, such as from your mobile device, your desktop computer, and from a printed document.
Now when you try to log in, you require the built-in authenticator for two-step authentication for that device.
On this page
What to do next
Consider setting up at least one backup authentication method that doesn't rely on the built-in authenticator so that you can log in to your account from a different device.