Reddit is one of the most popular websites that works as social bookmarks and news aggregators, the best thing about reddit is in its community, and that is that there are many users who comment on all the news and the threads that the users themselves create. On reddit we can find all kinds of topics, it’s like a big forum where the most important thing is the community. Additionally, users can vote for or against published content. Today in this article we are going to teach you how to protect the Reddit account using two-step authentication through an authenticator application.
Protect your Reddit account
If you want to have maximum security in your reddit account to avoid hacking, the first thing you should do is choose a good access password, and then enable the two-step authentication that the service allows us. The first thing we must do on reddit is to register or log in with our usual account.
Once we have logged in, we must go to the user menu and click on “User Settings”, or “User Settings”, as you can see here:
Once we enter the account settings, we can see all the options that it allows us to do related to our account and also to security.
Put a strong password
The first thing you should do to keep your account secure is to set a strong password. If you did not set a secure password when you registered, then you can change it from the “Account” menu and click on “Change password”, the password must have at least 8 characters. To create a strong password, you must have the following:
- Minimum of 12 characters in length.
- Have uppercase, lowercase and numbers.
- It is desirable that it have some symbol to improve security.
Our recommendation is that you use a password manager to generate the password automatically and save it in the password manager itself. Some highly recommended administrators or password managers are:
- Dashlane
- 1Password
- LastPass
- Bitwarden
- Passwarden
We also have password managers in some security suites like Avira or Kaspersky among others, so it’s also a good alternative. For example, Synology has C2 Password which is a key manager with storage in the Cloud, it can also be interesting, especially for NAS users.
You can also use the password managers of the browser itself if it has, or we have installed an extension that performs the password manager function. In the event that you do not want to use the key that the key manager suggests, you can always access password generator websites to configure the key as you want.
Once we have changed the password, you must also change it from the password manager so that it remembers the new one.
Activate two-step authentication
If we want to activate the two-step verification to further protect our reddit account, we must go to the “Security and privacy” section. In this menu we must go to the bottom where it says “ Use 2-step verification “. Click here to enable it.
We will get a small step-by-step configuration wizard to configure the two-step verification. The first thing we have to do is enter our current password to verify identity, and click on “Confirm”.
Now we will have to download an authenticator application from Google Play or the App Store. Currently there are many authenticator applications, so you should not have many problems choosing one of them, then we put a list of recommended applications that we use in this article:
- Telefonica Latch
- Google Authenticator
- authy
There are also other applications such as Microsoft‘s own, really the operation of all of them is very similar, but the Google Authenticator tokens are stored locally, so if you change your mobile you will lose them if you are not root on the terminal and move these token to the new terminal. For this reason, our recommendation is to use authenticator applications that store this in the cloud, to facilitate the use of them.
Once we have the authenticator application, all we have to do is scan the QR code that reddit will show us, when registering the service it will start generating temporary codes for one use, we will have to enter the 6-digit code that it will show us the application, and click on “Complete configuration”.
Now reddit will confirm that two-step verification is already activated and working. From this moment we will have to log in with our username and password, and later it will ask us for the TOTP code (temporary single-use code) to verify our identity.
When we activate the two-step verification of a service, we have the possibility of using backup codes in case we do not have our smartphone to generate the codes, or we have some kind of problem with the application. If we click on the “Backup codes” hyperlink, it will take us to a menu where we can see several 6-digit codes that replace the TOTP codes generated by our smartphone. These codes must be kept very well in a safe and private place, because with these codes you will be able to log in as if you had the authenticator application.
If we want to obtain the backup codes to keep them safe, we must enter the access password again to verify our identity:
Upon entering we can see the complete list of backup codes, as you can see, we must keep them in a safe place. In case of losing these codes, we can access our account to generate new ones, there is no problem in this regard.
If we go back to the main “Security and privacy” menu, we can already see that the 2-step verification option is perfectly activated. We also have the hyperlink to get the backup codes.
Another security measure that we can take is to go to “manage the authorization of third-party applications”, and that is that we can log in to other services using the reddit account. If we do not use any of these third-party applications, it is advisable to revoke this permission for security.
At this time we will already have our reddit account protected as much as possible, we must bear in mind that the fundamental steps to protect any online account are:
- Choose a good password.
- Turn on 2-step authentication, but don’t use the SMS method because it’s not secure.
- Review third-party applications that have access to our account.
Once we meet all these requirements, then we can rest assured that our digital identity will be secure.
