Securing Your MyHeritage Account with Two-Factor Authentication

Following an increase in threats to personal data worldwide, we are taking many measures to increase security at MyHeritage. If you notice an impact on some features due to these measures, please be understanding and be assured that this is done to maximize the security of your own data.

Protecting your personal information is our top priority at MyHeritage, and that’s why we strongly recommend enabling Two-Factor Authentication (2FA) for your MyHeritage account. By taking a few minutes to follow the steps outlined below, you can add an extra layer of security to your account and increase your peace of mind.

Securing your MyHeritage account with Two-Factor Authentication

One of the best ways to increase the protection of your MyHeritage account is to add Two-Factor Authentication (2FA) to your account. This security measure is considered the gold standard for protecting personal data stored online.

Two-Factor Authentication is a security mechanism that requires you to provide two different forms of identification before gaining access to your account. As an analogy, it’s like installing two different kinds of locks on your door: one lock requiring a passcode and another requiring a physical key. The presence of both locks ensures that if someone gains access to one of those factors — for example, steals the key — there is an additional lock in place that will prevent them from breaking in.

Two-Factor Authentication systems typically require a password and another factor that you supply whenever you log in, such as:

  • A unique code created by an authenticator app or service, such as Google Authenticator
  • A similar code sent via email

Combining more than one factor significantly enhances security compared to relying solely on passwords. MyHeritage’s Two-Factor Authentication system includes entering a short-lived one-time code generated by an authenticator app or sent via email. It’s simple to use and very easy to set up. Once you set it up, even if your password is stolen, threat actors will not be able to log into your account, because they will not have the unique code that only the authenticator app on your mobile phone or the email authentication system can generate.

How to enable Two-Factor Authentication on your MyHeritage account

To enable Two-Factor Authentication on your MyHeritage account, sign in to your account in your browser and click your name at the top right of the screen to open the menu, then select “Account settings.” Note that this action can only be done via the account settings in your desktop or mobile browser and not in the MyHeritage app. However, once Two-Factor Authentication is enabled, you will need the authentication code to sign in to the app.

Accessing your account settings on MyHeritage to set up 2FA

The Account Settings page will be displayed. There, under “Two-Factor Authentication (recommended)”, click “Enable Two-Factor Authentication”:

Enabling Two-Factor Authentication on your MyHeritage account

Select a method for entering your verification code.

Selecting an authentication method

There are two options for Two-Factor Authentication: via email, and via authenticator app.

Using email authentication

We have recently added the option of receiving your verification code via email. To enable this option, simply select “Email” as the verification method and click “Continue.” This will dispatch an email to the email address associated with your MyHeritage account. Open your email in a new window, or on your phone, to locate the verification code. Then, enter the six-digit verification code and click “Continue.”

Using an authenticator app

This method requires the use of an authenticator app. The most common option is an app such as the Google Authenticator app, which can be downloaded to your mobile device. We recommend that app. There are also browser- or desktop-based code generators you can use.

Select “Authenticator app” and click “Continue.”

In the next step, you’ll need to connect the authenticator app to your MyHeritage account using the QR code or setup key. Open your selected authenticator app and follow the steps to add a new account, either by scanning the QR code or entering the setup key appearing in the pop-up. To scan the QR code, simply select this option in the app, and point the camera of your mobile device at the black and white square on the left.

Connecting your authenticator to your MyHeritage account

Once your account has been added to the app, click “Continue.”

You’ll be prompted to enter the 6-digit code from the app to complete the setup process. If you’re already using the app to generate codes for multiple accounts, look for the code listed under “MyHeritage: [your email address].” Note that the code changes every 30 seconds or so for maximum security, so you’ll need to enter it promptly. Most apps have a timer indicator telling you how much longer you have until the code changes.

Once you’ve entered the code, click “Done” — and you’re all set! You will see “Two-Factor Authentication is enabled” in your account settings.
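
As an added example (not MyHeritage's code), the Python below shows how an authenticator app turns the setup key and the current time into the 6-digit code, and how a server can check the code you submit. It assumes the standard TOTP scheme (RFC 6238 with HMAC-SHA-1 and a 30-second step) that apps such as Google Authenticator implement; the page does not state which algorithm MyHeritage uses, and the sample key is the public RFC test secret, not a real setup key.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code stays valid ("changes every 30 seconds or so")
DIGITS = 6   # length of the code typed into the sign-in form


def totp(setup_key: str, at: float, step: int = STEP, digits: int = DIGITS) -> str:
    """Code an authenticator app would show at Unix time `at` (RFC 6238, HMAC-SHA-1)."""
    # Setup keys are Base32 text; spaces and case are ignored, padding is optional.
    cleaned = setup_key.replace(" ", "").upper()
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", int(at) // step)       # 8-byte time-step counter
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def seconds_left(at: float, step: int = STEP) -> int:
    """What the app's timer indicator shows: seconds until the code changes."""
    return step - int(at) % step


def verify(setup_key: str, submitted: str, at: float, drift_steps: int = 1) -> bool:
    """Server-side check: accept the current step plus/minus `drift_steps` for clock skew."""
    for delta in range(-drift_steps, drift_steps + 1):
        expected = totp(setup_key, at + delta * STEP)
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return True
    return False


# Constructed sample: the RFC 6238 test secret "12345678901234567890" as a setup key.
SAMPLE_KEY = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    now = time.time()
    print("setup key:", SAMPLE_KEY)
    print("code:", totp(SAMPLE_KEY, now), "valid for", seconds_left(now), "more seconds")
```

Because the code is derived from the setup key, anyone who obtains that key or the QR code can generate valid codes, so treat both like a password.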

How to log in to MyHeritage using Two-Factor Authentication

Once you’ve enabled Two-Factor Authentication, whenever you log in to your MyHeritage account, you’ll start by entering your email and password as usual. After you click “Log in,” you’ll be prompted to enter the security code from your authenticator app or your email. Open the app or email, find the code, and enter it, then click “Log in.”

Entering your verification code to log in using 2FA

Choosing a strong password

In addition to enabling 2FA, we recommend following best practices for choosing and storing your password to maximize its effectiveness. Your password should:

  • Be long: we require a minimum of 9 characters, and longer is better
  • Not include information that could be easily found online or on your social media account, such as your name, birthdate or birth year, or names of family members or pets
  • Contain at least one number and one special character (e.g. !@#$%^&*)
  • Be unique: never use the same password twice for different accounts
  • Be recorded in a safe place that’s not easy for others to access: we recommend using a secure password management service, such as Keeper Security

To change your password, visit your account settings as detailed above and click “Change password” in the “My email and password” section.

Additional background to the extra security measures at MyHeritage

When you build your family tree on MyHeritage or take a MyHeritage DNA test, you are entrusting us with your personal data. Unfortunately, there are evil threat actors, i.e. hackers, who want to steal personal data. The risks posed by threat actors are increasing, as evidenced by recent events involving another DNA testing company that have been covered by the media.

MyHeritage holds the privacy and security of our users’ data as our highest priority. As a result, we have taken and continue to take significant steps to enhance the security of MyHeritage and the data of the users stored on MyHeritage.

In recent months, we have taken many extra precautions to protect your data. While most of the security measures occur behind the scenes and are not noticeable, users of MyHeritage, and especially MyHeritage DNA, may have recently noticed the impact of some of the increased security measures. Most of the noticeable steps that impacted users are temporary. For example, a few features of MyHeritage DNA were recently taken down for a few days, their security was tightened, and then they were brought back. As users of MyHeritage, please be understanding; we assure you that any steps taken are not arbitrary and are taken for the sole purpose of increasing the security of your data.

We are also rigorously following the policy of minimizing the information we store, which results in less data being susceptible to any compromise. For example, inactive accounts with no data or almost no data on MyHeritage are routinely deleted — this is not new, and has been our policy for years.

Passwords of inactive users have been expired and deleted, so there will be fewer passwords for threat actors to steal or to try to abuse. All passwords of active users are routinely expired too, so that users do not reuse passwords they are also using on other websites. As a user of MyHeritage, your password on MyHeritage has been expired or deleted, or will soon be expired and deleted, requiring you to set a new password. When doing so, please create a new password that is very long and unique to MyHeritage; choose a password that you have never used before on any other website, and will only use on MyHeritage, and never reuse it on any other website. This way, if threat actors manage to steal one of your passwords from another website you have been using, they will not be able to log in to MyHeritage as you and access your data using that password, nor will they be able to access basic information about your DNA Matches.

As described above, we recommend adding Two-Factor Authentication (2FA) to your MyHeritage account. It will soon become a mandatory requirement for our DNA customers, but please act now and add it even before it becomes mandatory or even if you are not a DNA customer, as it will increase the security of your data in every case. Setting up Two-Factor Authentication requires minor effort on your part; we cannot do it for you without your participation.

We appreciate your trust in MyHeritage and are fully committed to continuing to protect and preserve your cherished family history.

Comments

  • V

    Valyrie

    November 15, 2023

    I don’t put apps on my cell phone. I would like to have an email option. Please consider for those of us who are older, and have a limited cell phone usage. Thanks

    • E

      Esther

      November 16, 2023

      Hi Valyrie,

      The PhotoDater is also available from desktop.

      Esther / MyHeritage Team