Important Updates Regarding Two-Factor Authentication

We recently published a blog post highlighting the importance of setting up Two-Factor Authentication for your MyHeritage account. We explained some of the additional measures we are taking to enhance security at MyHeritage, and as part of these measures, we are announcing two important updates: we’ve added email as another method of Two-Factor Authentication (2FA), in addition to the existing method of using an authenticator app, and we are in the process of requiring Two-Factor Authentication to be set up prior to viewing MyHeritage DNA results or managing DNA kits.

As a reminder, Two-Factor Authentication provides an extra layer of security for your account, in addition to your password. As an analogy, imagine that you install two kinds of locks on your door: one lock requiring a code and another requiring a physical key. Having two locks ensures that if someone breaks one of them, there is an additional lock in place to prevent them entering. With Two-Factor Authentication enabled on MyHeritage, there is extra protection in place to ensure that someone else cannot log in as you and access your information, even if your account password is compromised.

Until now, MyHeritage has supported Two-Factor Authentication that uses a one-time code generated by an authenticator app. For users who wish to use another method, we have now added the option to receive a six-digit authentication code by email.

Enabling Two-Factor Authentication with email

Currently, Two-Factor Authentication can only be enabled from your Account Settings when using a web browser, either on desktop or mobile web. In the coming weeks we will also add the ability to enable Two-Factor Authentication via the MyHeritage mobile app.

To enable Two-Factor Authentication, sign in to your MyHeritage account on your web browser. Click your name on the top right of the screen and select “Account settings” from the menu.

Accessing your account settings on MyHeritage (click to zoom)

Scroll down the page and click “Enable Two-Factor Authentication,” marked below in red.

Enabling Two-Factor Authentication on your account (click to zoom)

Click the link to start the Two-Factor Authentication setup.

You can receive verification codes in one of two ways: using an authenticator app, or via email. In this post we’ll walk you through the steps for enabling Two-Factor Authentication with email, but the steps are almost identical when setting up Two-Factor Authentication with an authenticator app.

Select a method to use for authentication:

Selecting an authentication method for Two-Factor Authentication (click to zoom)

Clicking Continue will dispatch an email to the email address associated with your MyHeritage account. Open your email in a new window, or on your phone, to locate the verification code. Then, enter the six-digit verification code and click “Continue.”

Entering the verification code

That’s it! Two-Factor Authentication is now enabled. You will receive an email confirming that Two-Factor Authentication was enabled.

Two-Factor Authentication was successfully enabled

The next time you log in to your MyHeritage account, whether on the web or from the mobile app, you’ll need to enter the verification code in addition to your password.

Enabling Two-Factor Authentication for DNA Users

When you use MyHeritage, you are entrusting us with your personal data, and that data is all the more personal when it comes to your DNA. As the industry continues to experience a rise in bad actors attempting to steal personal data, we are in the process of making Two-Factor Authentication mandatory for all MyHeritage DNA customers. This means that if you’ve previously taken a DNA test with MyHeritage, uploaded DNA data from another service, or recently purchased a MyHeritage DNA kit for the first time, you will soon need to enable Two-Factor Authentication on your account before you can access your DNA results. In addition, Two-Factor Authentication will be required in order to download your raw DNA data from MyHeritage and to assign a DNA kit with results to another MyHeritage member.

Once this change takes effect, when visiting any of the DNA results pages on MyHeritage, users who don’t currently have Two-Factor Authentication enabled will see the message below:

Enabling Two-Factor Authentication to view DNA results and manage DNA kits

After clicking the button, follow the same steps described above to enable the Two-Factor Authentication method of your choice. Once it becomes mandatory, users who try to access DNA results from the MyHeritage mobile app will also see this screen and can follow the steps to set up Two-Factor Authentication.

If you recently purchased a MyHeritage DNA kit for the first time, we strongly recommend that you enable Two-Factor Authentication when activating your DNA kit. However, if you don’t, you’ll be able to do so later on.

The security of your data is our highest priority, and we cannot stress enough the importance of following best practices such as choosing strong passwords and not reusing passwords on multiple sites. The password you use on MyHeritage must be unique, and you should not use it anywhere else. On the same note, we strongly encourage all users to enable Two-Factor Authentication for their MyHeritage account, regardless of whether they’ve taken a DNA test. It takes only a few minutes to set up, and significantly enhances the security of your account.

Summary

Two-Factor Authentication will very soon become mandatory in order to view DNA results and access DNA tools on MyHeritage. Two authentication methods are now supported: by authenticator app and by email.

We are considering automatically enrolling some users of MyHeritage in email-based Two-Factor Authentication in order to accelerate its usage and enjoy its protection.

We appreciate your trust in MyHeritage. We continue to invest significant efforts to ensure that we provide the best possible user experience, while giving you peace of mind that your data is secure.