Log in with two-factor authentication

If you enabled two-factor authentication, you can sign in to any Yandex service or app using a one-time password. If you added several accounts to Yandex.Key, don't forget to switch to the correct account before entering your PIN code. You can also sign in to many Yandex web services using a QR code.

App passwords should be used for signing in to third-party apps and programs (mail clients, messengers, mail importers and so on),

Attention. You can only use one-time passwords to log in to apps developed by Yandex; app passwords will not work, even if they are generated correctly.
  1. Sign in to a Yandex service or app
  2. Sign in with a QR code
  3. Sign in to a third-party app or site using your Yandex account
  4. Move Yandex.Key to another device
  5. Multiple accounts in Yandex.Key
  6. Fingerprint instead of PIN code
  7. Master password
  8. Backup copy of Yandex.Key data
  9. How your exact local time is used when generating one-time passwords

Sign in to a Yandex service or app

You can enter a one-time password into any Yandex sign-in form or use it to log in to apps developed by Yandex.

Note.

You need to enter the one-time password before it stops displaying on the app screen. If there isn't much time left until the next password, simply wait for the new one to appear.

To get a one-time password, launch Yandex.Key and enter the PIN code that you created when setting up 2FA. The app will start generating passwords every 30 seconds.

Remember:

  • You can copy your current password from Yandex.Key into another app. To do this, click next to your password.

  • It makes no sense to save one-time passwords in your browser or anywhere else. Even if you don't use a password immediately, it'll stop working very soon.

Yandex.Key will not verify that the PIN code you enter is correct: it will generate one-time passwords even if you've entered your PIN code incorrectly. In this case though, your generated password will also be incorrect and you will not be able to sign in with it. To enter the correct PIN code, you just have to exit the app and launch it again.

Features of one-time passwords:

Sign in with a QR code

Some services (such as the Yandex homepage, Passport, or Mail) allow you to sign in to Yandex by simply pointing your camera at a QR code. Your mobile device must be connected to the internet so that Yandex.Key can communicate with the authentication server.

To sign in with a QR code:

  1. Tap on the QR code icon in the browser.

    If there is no QR icon in the login form, it means that you can only log in to this service with a password. In this case you can sign in to Passport with a QR code, and then go to the service you want.

  2. Enter your PIN code in Yandex.Key and tap Log in with QR code.

  3. Point your device's camera at the QR code that is displayed in your browser.

Yandex.Key detects the QR code and sends your username and one-time password to Yandex.Passport. If they pass verification, you will be automatically signed in on your browser. If the password sent turns out to be incorrect (for example, as a result of entering the wrong PIN code in Yandex.Key), then the browser will display the standard error message that you entered an incorrect password.

Sign in to a third-party app or site using your Yandex account

Apps or sites that need to access your Yandex data sometimes ask you to enter your password to log in to your account. In these situations one-time passwords will not work; you will need to create a separate app password for each app of this type.

Attention. Yandex apps and services only work using one-time passwords. Even if you create an app password for a service like Yandex.Disk, you will not be able to log in using it.

Move Yandex.Key to another device

You can move one-time password generation to another device or set up Yandex.Key on several devices. To do it, open the Access management page and click the Device replacement button.

Multiple accounts in Yandex.Key

The same Yandex.Key app can be used for multiple accounts that use one-time passwords. To add another account to the app while setting up one-time passwords, click in the app during step 3. You can also have Yandex.Key generate passwords for other services that support two-factor authentication. Instructions for most popular services can be found on the Generate verification codes for non-Yandex services page.

To remove an account from Yandex.Key, tap and hold the corresponding portrait in the app until an "X" appears to the right of it. When you tap on the "X", that account will no longer be linked to Yandex.Key.

Attention. If you delete an account which had one-time passwords enabled, you will not be able to get one-time passwords to log in to Yandex. In this case, you will have to restore access.

Fingerprint instead of PIN code

You can use a fingerprint instead of a PIN code on the following devices:

  • Smartphones running on Android 6.0 and those with fingerprint scanners

  • iPhone starting with model 5s

  • iPad starting with model Air 2

Note.

You can bypass the fingerprint scan on iOS smartphones and tablets, however, by entering the device's password. To prevent this from happening, set up a master password or make your password more complex. Just open the app Settings and select Touch ID and password.

To set up fingerprint scanning:

  1. Launch Yandex.Key.

  2. Click .

  3. Select the desired account.

  4. Enable Fingerprint (for Android) or Touch ID (for iOS).

Master password

Create a master password to further protect your one-time passwords. Go to Master password.

You can use the master password to:

  • Enter just the Yandex.Key master password instead of your fingerprint, without needing the device password.

  • Store the PIN code for your Yandex account in the app, so you don't have to enter it every time you need a new one-time password.

Backup copy of Yandex.Key data

You can create a backup copy of your Yandex.Key data on a Yandex server so that you can restore it if you lose the phone or tablet that you installed the app on. Data from all the accounts that you had on Yandex.Key when you did the backup is copied to the server.

To get data from a backup copy, you need the following:

  • Access to the phone number that you used with the app

  • The password that you entered to encrypt the backup copy

Attention. The backup copy only contains usernames and the "secrets" that are necessary to generate one-time passwords. You must remember the PIN code that you entered when you enabled one-time passwords on Yandex.

It's not possible to create more than one backup copy; each subsequent copy of data for a specific phone number will replace any previous ones.

At the moment, it is not possible to delete a backup copy from the Yandex server. The copy will be deleted automatically if it isn't used for three months.

Create a backup copy

  1. Select Create a backup copy in the app settings.

  2. Enter the phone number that the backup copy will be linked to (for example, “1234567890”) and click Next.

    Yandex will send a confirmation code to this address. As soon as you receive the code, enter it in the app.

  3. Think up a password for encrypting the backup copy of your data. You can't restore this password, so make sure that you don't forget or lose it.

  4. Enter the password you thought up two times and click Done. Yandex.Key encrypts the backup copy, and informs you when it gets sent to the Yandex server.

Restore access from your backup copy

  1. Select Restoring access from your backup copy in the app settings.

  2. Enter the phone number that you used when creating the backup copy (for example, “1234567890”) and click Next.

    If a backup copy of that Yandex.Key data is found for the number you enter, Yandex will send a confirmation code to that number. As soon as you receive the code, enter it in the app.

  3. Make sure that the date and time when the backup copy was created and device name match the backup copy you want to use. Then click Restore.

  4. Enter the password you entered when you created the backup copy. If you don't remember it, you can't unencrypt your backup copy, unfortunately.

  5. Yandex.Key will unencrypt your backup copy and let you know that your data was restored.

How your exact local time is used when generating one-time passwords

Yandex.Key takes into account the current time and time zone set on your device when it generates one-time passwords. When an internet connection is available, the app also requests the exact time from the server. If the device's time is set incorrectly, then the app will correct it. Please note that in some situations, even after the app makes a correction and the correct PIN code is entered, the one-time password will be incorrect.

If you are sure that you entered your PIN code and password correctly, but were unable to sign in:

  1. Make sure that you have the correct time and time zone set on your device. Then try logging in with a new one-time password.

  2. Connect to the internet so that Yandex.Key can get the correct time itself. Then restart the app and try entering your new one-time password.

If the problem persists, please use the form below to contact Support.