Reddit enables two-factor authentication

It has taken some time, but the website is finally offering enhanced security for Reddit accounts.
Written by Charlie Osborne, Contributing Writer
File Photo

Reddit has introduced 2FA security to help its users protect their online accounts.

On Wednesday, the web content aggregation platform acknowledged that two-factor authentication (2FA) is a feature that users have requested for a long time.

Reddit is now able to deliver.

2FA facilitates additional layers of security for online accounts, usually by connecting accounts to a mobile device and delivering one-time codes for additional authentication.

We know that relying purely on passwords is not enough to keep our accounts secure -- especially as brute-force attacks on the common phrases and easy-to-remember combinations we use are easy to crack -- and so 2FA is now on the way to becoming standard practice.

Reddit has been slowly rolling out the feature through beta testers, moderators, and third-party app developers to make sure the 2FA system works across all platforms. Now that bugs have been ironed out, the feature is ready for the general population.

Users that opt-in for 2FA will need to pass an additional step in authentication when they log in. With every new sign-in attempt, a six-digit verification code will be sent to the user's mobile devices.

Reddit's 2FA is supported across desktop, mobile, and third-party applications, but requires an authenticator app which supports the TOTP protocol -- such as Google Authenticator and Authy -- to implement.

See also: After ignoring for months, Uber fixes two-factor bypass bug after all

If you wish to implement two-factor authentication, you can select it through the password/email tab under 'preferences' in your accounts.

While some companies are still catching up to 2FA, others are offering more varied options for account security. Last year, Facebook announced support for physical keys, such as YubiKey, to safeguard user accounts. These USB devices generate an encrypted, one-time security code for use in 2FA systems.

Despite the benefits of 2FA, however, not everyone will embrace the security measure. Last week, a Google engineer revealed that less than 10 percent of Gmail users enable 2FA on their accounts.

Top 5 security practices in staying safe online: From the experts

Previous and related coverage

Editorial standards