If you have a Nintendo account, now’s a good time to make sure that you have two-step verification set up on that account to keep it secure.
Nintendo makes two-step verification optional for its accounts but has recently started a small social media campaign encouraging users to opt in.
This weekend a number of Nintendo Switch owners have posted about third-party logins happening on their accounts, some resulting in the loss of funds, Nintendo Life reports. Nintendo has also recently issued a warning to account holders in Japan citing an increase in credit card fraud through Nintendo accounts.
My own account was accessed by someone in Thailand in late March. Although I luckily was able to catch it and change my password before any damage was done, my secure password clearly wasn’t secure enough, and I’m embarrassed I didn’t have two-step set up prior to that unauthorised login
To set up two-step verification on your account, go to the Nintendo website and then sign into your account.
Afterward, go to “Sign-in and security settings” and then go down to “2-step verification” and click “Edit.”
While some services use your phone number for two-step services, Nintendo only allows two-step verification via an Authenticator app.
When you click “2-Step Verification setup” on Nintendo’s site you’ll be sent an email with instructions on how to complete the verification process using Google Authenticator—which should also work on any third-party app you prefer.
As part of that process, you’ll be given some codes to use as backup if you need to access your account and don’t have the app handy. Make sure you store those in a safe place where you’ll be able to find them if need be.
Two-step authentication will make it a tiny bit harder for you to login to your Nintendo account going forward, but it will make it infinitely harder for would-be attackers.
Using two-factor authentication (2FA) is a smart, simple tactic to add a little extra data security in your life. For those unaware, 2FA is when you use a secondary authentication method—like code generator apps or Bluetooth keys—to validate your identity when logging into a website or app. There’s a similar version of the technology called two-step authentication (2SA), which sends authentication codes over text message or email, but this isn’t as secure as 2FA. In fact, it can be dangerous in certain circumstances.