I’ve been a fan of Reddit for years now, and check out the latest on the site many times each day. But I’m worried about my account security. Does Reddit have two-factor or two-step authentication for login, and if so, how can I enable it for my account?
While it’s not entirely foolproof, there’s no question that two-factor authentication is more secure than just having an account and password. Particularly given how many people use the same easy-to-remember password across dozens of accounts. Like any social site, it would be particularly frustrating to have someone hijack your Reddit account too, because then they could post mean, spammy, or violent content while masquerading as you. Definitely no bueno!
The idea of two-factor authentication is that in addition to gaining access to your password, the hacker would also need to have access to your phone because the service sends a special code (or, in this case, expects a special code from a separate authenticator app, as you’ll see), making it a lot more difficult to actually log in. Many 2FA systems, as they’re known, use a 6-9 digit code that’s sent to you via SMS text message, but Reddit uses a separate authenticator app, easily downloaded onto your smartphone for this purpose.
Let’s have a closer look…
HOW TO ENABLE TWO-STEP AUTHENTICATION ON REDDIT
The first step is to download either Authy or Google Authenticator [Android|iOS] from the app store for your phone. I already have Google Authenticator on my Apple iPhone, so I’m going to utilize that for this task.
Now go ahead and log in to your Reddit account in a Web browser. Your computer is ideal for this as you’ll be scanning an image on the screen at one point in the setup process.
Once logged in, choose User Settings from the main menu on the top right:
Turns out that there are a lot of settings in Reddit. I bet you had no idea!
The main view offers the seven tabs along the top, which is most important:
As shown, choose “Safety & Privacy“. Then you’ll need to scroll down until you see this:
Before we proceed, I will note that it’s a good idea to peek in on “Manage third-party app authorization” to see what other apps you’ve allowed to access your Reddit account. You can turn all of that off in that settings area if you prefer too.
Back on task! Tap on the on/off switch icon to the right of “Use two-factor authentication” and rather surprisingly a window will pop up:
As you would hope, it requires you to validate access to your account again before you can proceed. Definitely do NOT want someone else setting this up so that their phone or authentication app is a critical element for logging in to Reddit!
Enter your password again – and I hope it’s a complex one that has upper, lower, digits, punctuation, etc! – and click “Confirm“.
Now it’ll display a QR code that you can scan from within Authy, Google Authenticator, etc. Here’s what I see:
Not to worry, I’ve digitally altered the QR code so my own account remains safe. 🤓
Now it’s time to switch to your smartphone…
HOW TO SET UP GOOGLE AUTHENTICATOR FOR REDDIT 2FA
I already use Google Authenticator for a few different Web sites that also have two-factor authentication security, as is immediately obvious when I launch the program. The programs are very simple; they just show numeric codes that change every 60 seconds in sync with the host service:
To add the Reddit login process requires a tap on the “+” on the lower right of the app screen.
That pops up a mini-menu with a couple of choices:
Tap on “Scan a QR code” then point the app at the QR code Reddit is displaying on screen. It’s a matter of just a moment or two before Reddit is added to your list of sites in Google Authenticator with a 6-digit security code that’ll change every 60-seconds along with any others you have enabled:
Now you can see the code that Reddit is prompting for on its Web page just below the QR code. Enter the code before the 60-seconds run out (or just wait for the next code, no worries). Once you’ve entered that and click on “Complete setup” you’re all set!
Congrats on improving your Reddit account security.
HOW TO LOG IN TO REDDIT WITH TWO-FACTOR AUTHENTICATION
With this enabled, it’s a simple matter to log in. In fact, try it; log out of Reddit on your computer, then go to log in again. You’ll get the usual account and password prompt, so enter both.
Now, however, you’ll have a second prompt:
Ya gotta love the positive message “You have two-factor authentication enabled on this account because you’re awesome.” 😁
Open up that authenticator app, type in the current six-digit code shown for Reddit, click on “Check Code“, and you’re in safely. Not too much hassle at all. This is the same process you’ll now have to do on your mobile devices too, of course. Much safer than just a password.
Pro Tip: Just getting started with Reddit? Check out my Reddit help library for other helpful tutorial articles to get you up to speed while you’re visiting the site. And do feel free to follow me – /u/askdavetaylor – on Reddit too. Thanks!