I guess the title says it all. You can now use Two-factor Authentication (commonly written as 2FA) on your Ancestry Account. In Ancestry language it’s called Two-Step Verification. If you haven’t yet been exposed to this technology, 2FA requires that you have 2 different factors to authenticate your account. These two factors are commonly something you know (your password) and something you have (a mobile phone, or a hardware key such as a yubikey). With Ancestry this means that every time you log-in to your Ancestry account you need to enter a 6-digit code that will be texted to your mobile phone. If that sounds like a pain then you can and should enable the option to “Remember this Device” – it’s a tick box that is part of the sign-in pop-up box (see below).
Enabling Two-factor authentication is easy. Whilst signed in to your account go to the section “My Account”. This is available on the top-right of any web-page you have open at Ancestry. Next to the small thumbnail picture of yourself you will have name. Click on this and a small drop-down menu will appear. Click on the option “My Account” or access it directly from ancestry.com/secure/account. Edit the Section “Your Account” (see image below).
You will then need to provide a mobile phone number and have that authenticated. In addition you will get a 12 character emergency backup code. This is important, so print it off and keep it safe. As the pop-up box says “For your security, your account will be locked if you do not have your verification code or your emergency backup code“. If you lose your phone, or just your phone number you will need this code to remove 2FA from your account
Why do you need Two-Factor Authentication?
Unless you are using a Password Manager to generate long complex passwords you will probably be using the same password on multiple sites. There is already a good chance that your email address/password combination is already known to the “bad guys”. If you want to find out about this there is no better site than Try Hunt’s haveibeenpwned.com. Simply type in your email account and see which sites have leaked account information linked to your email address.
In addition it’s important to remember that Ancestry itself had a data breach between 2015 and 2017 when “a file containing almost 300k email addresses and plain text passwords was identified“
I must admit that I doubt that anyone’s Ancestry account is a prime target for hackers, but I think good information-technology security means that you should use the safest options for your presence in the on-line world.