Skip to main content

Here's the easiest way to protect your gaming accounts: Xbox Live, Nintendo, Steam and more

(Image credit: Future)

Gaming accounts have become a popular target for hackers in recent years. There are a number of examples in 2020 alone, including reports of numerous Nintendo Switch accounts being breached and companies like Epic looking to encourage users to enable two-factor authentication (2FA) after a significant breach last year.

While this is a concerning trend, most gaming companies now support at least some form of 2FA, and enabling it across your accounts isn't as difficult as you might think.

We've put together instructions for how to enable two-factor authentication (2FA) across all of the major gaming consoles and platforms. 

What is an authenticator app?

Before we show you how to enable 2FA on your gaming accounts, many of them require you to download an authenticator app. This app is tied to your gaming accounts (and many other accounts, for that matter) and continuously generates one-time use codes to access those accounts. You simply open the app, view the current code and enter it before the time expires.

One benefit of using an authenticator app is that, unlike a code sent to you by SMS or email, it cannot be intercepted by a hacker. It also does not require an internet connection, so you can get codes to access your account from wherever you are.

There are a considerable number of these apps available today, some of these services even utilize a dedicated authenticator app for the service. But for general-purpose, some of the best options are Google Authenticator (Android / iOS), Authy (Android / iOS), and Microsoft Authenticator (Android / iOS). 

Nintendo Switch Deals

(Image credit: Shutterstock)

How to protect your Nintendo account

Enabling two-factor authentication on a Nintendo account is quick and easy, although it must be done via a web browser. Nintendo uses one of the most secure options for 2FA, an authenticator app. Here are the steps:

  • Go to the Nintendo Account website and sign in to your Nintendo Account.
  • Select Sign-in and security settings, scroll down to 2-Step Verification then choose Edit.
  • Click 2-Step Verification settings.
  • Click Send email and an email will be sent to the address you have on file.
  • Enter the code shown in the email and press submit. 
  • Download the Google Authenticator app from your iOS or Android phone.
  • Scan the QR code shown on your Nintendo account.
  • Enter the 6-digit verification code into the field and press Submit.
  • Copy all the backup codes from the next page and keep them somewhere safe and secure.
  • Finally, choose I have saved the backup codes

(Image credit: Joeri Mostmans / Shutterstock.com)

How to protect your PlayStation account

Adding two-step verification to your PlayStation account is quick and easy whether you want to set it up on your PS4 or via a web browser. Unfortunately, PlayStation only implemented SMS-based authentication, not the preferred method of an authenticator app. Still, SMS is superior to using a password alone.

Notice that in both cases PlayStation offers you a number of backup codes. These are one-time use codes that would allow you access to your account if you can't verify via your phone for any reason.

PS4:

  • Go to Settings > Account Management > Account Information > Security > 2-Step Verification > Set Up Now.
  • Enter your mobile number and select Add.
  • A verification code will be sent to you immediately via text message.
  • Enter the verification code in the PS4 verification section to authorize your mobile number.
  • Select Activate to switch on 2-Step Verification.
  • Copy all of your Backup Codes from Settings > Account Management > Account Information > Security > 2-Step Verification > Backup Codes.

Web browser:

  • Go to the account management page.
  • Next to 2-Step Verification, select Edit > Activate > Continue.
  • Enter your mobile number and a verification code will be sent via text message.
  • Enter the code and select Verify.
  • Copy down all of the codes found in the Backup Codes section of the account management page.

Xbox Series X

(Image credit: Microsoft)

How to protect your Xbox Live account

Microsoft offers a full complement of two-step verification options, including email, SMS, or an authenticator app that will apply across all of your Microsoft services including Xbox Live. As always, we recommend the authenticator app as it is the most difficult for a hacker to breach and is accessible even without an internet connection. 

When enabled, you will need to supply the verification code any time you sign in from a new device or a new location.

  • Go to your Microsoft account page and sign in.
  • Select Security at the top of the screen.
  • Under Two-step verification click Turn on.
  • Confirm your phone number or backup email to receive a verification code.
  • Enter the verification code and click continue.
  • Click Set up two-step verification.
  • Select Next and then download the Microsoft Authenticator app or if you already have another authenticator app, simply use that
  • Scan the QR code on the following page with your authenticator app and enter the verification code.
  • Save the recovery code in a safe place.

(Image credit: Valve Corporation)

How to protect your Steam account

Steam by default uses Steam Guard email for security, which will send you a verification code anytime you access it from a new device or location. For a more secure option, you need to download the Steam app for Android or iOS and use the Steam Guard Mobile Authenticator.

  • Go to the Account page on the Steam website.
  • Scroll down to the Account Security section.
  • Click Manage Steam Guard.
  • Select Get Steam Guard codes from the Steam app on my phone.
  • Download and install the Steam app for Android or iOS.
  • Sign in to the app and tap the hamburger menu in the top left corner.
  • Tap Steam Guard and then Add Authenticator.
  • Enter the code that is sent to your registered phone number.
  • Save the Recovery Code and tap Done.

Epic Games Store 2FA

(Image credit: Epic Games)

How to protect your Epic account

Two-factor authentication is simple to set up on your Epic account and the company offers free games and digital rewards for doing so. Epic lets you use either an email, SMS, or an authenticator app. The authenticator app option is always our recommendation as it is the strongest of the three.

  • Go to the Account Settings page of your Epic account.
  • Click on the Password & Security tab.
  • Scroll to the bottom of the page and click Enable Authenticator App, Enable SMS Authentication or Enable Email Authentication depending on your preference.
  • Follow the on-page instructions for the relevant authentication method.

(Image credit: GOG)

How to protect your GOG account

While GOG offers users a two-step login process, it’s a particularly weak implementation. GOG only allows for delivery via email, it is triggered when it detects a login from a new browser or location, and it uses a 4-character security code, none of which is optimal. With that said, it is preferable to using nothing at all, and GOG users have been pressuring the company to add a true 2FA option in recent months, so hopefully, something more robust is added sooner than later.

This setting is now active by default on all GOG accounts, so if you are not receiving these two-step login emails, you either chose to deactivate it at some time in the past or need to update your email address. Both options can be handled following the instructions below.

  • Visit the Login & Security settings page of your GOG account.
  • Verify the email address associated with your GOG account.

(Image credit: Blizzard Entertainment)

How to protect your Battle.net account

Battle.net offers two forms of 2FA, either an SMS option or the Blizzard Authenticator app. The authenticator app option is preferable, but any of them will be better than a password alone and the SMS Protect offers other important notifications so it's good to have in addition to either authenticator option.

For added protection, you can opt to require the authenticator for login or by default it will be used anytime you use a new device or are logging in from a new location.

SMS Protect:

  • Log in to your battle.net account
  • Tap the hamburger menu icon in the upper-left corner.
  • Click Account Details.
  • Select Add Phone Number.
  • Enter the mobile number that you would like to use for authentication.
  • A confirmation code will be sent to your mobile number.
  • Enter the confirmation code and click continue.

Blizzard Authenticator:

  • Log in to your battle.net account.
  • Tap the hamburger menu icon in the upper-left corner.
  • Click Security.
  • Select Set Up An Authenticator.
  • Download the Blizzard Authenticator app for Android or iOS.
  • In the app tap Set up Authenticator.
  • Log in to your Blizzard account.
  • Confirm your account via the email or SMS security check.
  • Save the Restore Code and Serial Number and tap Continue.