Following Hack, Reddit Encourages Enabling 2FA

After employee data was compromised by a phishing campaign, the company encourages strengthening your account security by implementing two-factor authentication.

Nina Raemont Writer
A recent graduate of the University of Minnesota, Nina started at CNET writing breaking news stories before shifting to covering Security Security and other government benefit programs. In her spare time, she's in her kitchen, trying a new baking recipe.
Nina Raemont
2 min read
Reddit - the front page of the internet

Reddit's primary production systems, which run the site and store data, weren't breached, the company said. 

James Martin/CNET

If you haven't already, you should probably set up stronger passwords and enable two-factor authentication on your online accounts. That was the message Reddit promoted following a data breach that left some internal documents, code and business systems exposed, Reddit confirmed on Thursday. In a post on the Reddit site, the company stressed that Reddit users' passwords and accounts were safe, but it used the attack as an opportunity to remind people to protect their account. 

On Feb. 5, Reddit became aware of a "sophisticated phishing campaign" targeting its employees, the company said. After obtaining an employee's credentials, the attacker had access to some internal information and systems. Contact information for hundreds of current and former employees was exposed, as well as limited advertiser information, the company said. 

Reddit's primary production systems, which run the site and store data, weren't breached, according to the company. 

"We have no evidence to suggest that any of your non-public data has been accessed," the company wrote in its post to users. "We're continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills."

Set Up Two-Factor Authentication on Reddit to Protect Your Account

On the topic of keeping information secure, Reddit encouraged people to set up two-factor authentication on their accounts to prevent any scammers from stealing information. The company also suggested people update their passwords frequently for an additional layer of strength and security, and that they use a password manager

Here's how to set up two-factor authentication on Reddit, according to a Reddit Help blog post

1. Click on your username in the top right of your screen.

2. Select User Settingsand click on the Privacy & Securitytab. 

3. Under Advanced Security, you'll see the Use two-factor authenticationcontrol. To enable it, click the toggle to on.

4. Next, enter your password and click Confirm. 

5. Follow the step-by-step instructions to set up your authentication, and don't forget to save your backup codes. 

6. After setup, you may be asked to log out and log back in to your account. Moving forward, you'll need to enter a six-digit code from your authenticator app every time you log in to Reddit.