Logging in with two-factor authentication

If you enabled two-factor authentication, you can log in to any Yandex service or app using a one-time password. If you added several accounts to Yandex.Key, don't forget to switch to the correct account before entering your PIN code. You can also log in to some Yandex services using a QR code.

App passwords are used to log in to third-party apps and programs (mail clients, messengers, mail importers, and so forth).

Attention. You can only use one-time passwords to log in to apps developed by Yandex; app passwords will not work, even if they are generated correctly.
  1. Logging in to a Yandex service or app
  2. Logging in with a QR code
  3. Logging in with Yandex ID to a third-party app or website
  4. Transfer Yandex.Key
  5. Multiple accounts in Yandex.Key
  6. Fingerprint instead of PIN code
  7. Master password
  8. Backup copy of Yandex.Key data
  9. How your exact local time is used when generating one-time passwords

Logging in to a Yandex service or app

You can use one-time passwords to log in to Yandex services and apps.

Note. You need to enter the one-time password before it stops displaying on the app screen. If there isn't much time left until the next password, simply wait for the new one to appear.

To get a one-time password, launch Yandex.Key and enter the PIN code that you created when setting up 2FA. The app will start generating passwords every 30 seconds.

Remember:

  • You can copy your current password from Yandex.Key into another app. To do this, click next to your password.
  • It makes no sense to save one-time passwords in your browser or anywhere else. Even if you don't use a password immediately, it'll stop working very soon.

Yandex.Key will not verify that the PIN code you enter is correct: it will generate one-time passwords even if you've entered your PIN code incorrectly. In this case, the generated passwords will also be invalid, and you won't be able to log in with them. To enter the correct PIN code, you just have to exit the app and launch it again.

Logging in with a QR code

Some services (such as the Yandex homepage, Yandex.Disk, and Yandex.Mail) allow you to sign in to Yandex by simply pointing your camera at a QR code. Your mobile device must be connected to the internet so that Yandex.Key can communicate with the authentication server.

To log in with a QR code:

  1. Click the QR code icon in the browser.

    If there is no such icon, then you can only log in to this service with a password. In this case, you can log in to your account with a QR code and then go to the service you need.

  2. Enter your PIN code in Yandex.Key and tap Log in with QR code.
  3. Point your device's camera at the QR code displayed in your browser.

Yandex.Key detects the QR code and sends your username and one-time password to Yandex ID. If they pass verification, you will log in automatically in your browser. If the password sent turns out to be incorrect (for example, as a result of entering the wrong PIN code in Yandex.Key), then the browser will display the standard error message that you entered an incorrect password.

Logging in with Yandex ID to a third-party app or website

Apps or sites that need to access your Yandex data sometimes ask you to enter your password to log in to your account. In these situations one-time passwords will not work; you will need to create a separate app password for each app of this type.

Attention. Yandex apps and services only work using one-time passwords. Even if you create an app password for a service like Yandex.Disk, you won't be able to log in with it.

Transfer Yandex.Key

You can transfer the generation of one-time passwords to another device or configure Yandex.Key on multiple smartphones at the same time. There are two ways to do this:

  • On the Access control page, click Switch device.
  • Use the backup copy of your data.

    1. Create it on the current device (if it hasn't been created yet).
    2. Install Yandex.Key to the new device.
    3. Restore data. Now you can use Yandex.Key on both devices.

Multiple accounts in Yandex.Key

The same Yandex.Key app can be used for multiple accounts that use one-time passwords. To add another account to the app while setting up one-time passwords, click in the app during step 3. You can also have Yandex.Key generate passwords for other services that support two-factor authentication. Instructions for most popular services can be found on the Generate verification codes for non-Yandex services page.

To remove an account from Yandex.Key, tap and hold the corresponding portrait in the app until a cross icon appears to the right of it. When you tap on the cross, that account will no longer be linked to Yandex.Key.

Attention. If you delete an account which had one-time passwords enabled, you will not be able to get one-time passwords to log in to Yandex. In this case, you will have to restore access.

Fingerprint instead of PIN code

You can use a fingerprint instead of a PIN code on the following devices:

  • Smartphones running on Android 6.0 and those with fingerprint scanners

  • iPhone starting with model 5s

  • iPad starting with model Air 2

Note.

You can bypass the fingerprint scan on iOS smartphones and tablets, however, by entering the device's password. To prevent this from happening, set up a master password or make your password more complex. Just open the Settings app and select Touch ID and password.

To enable fingerprint scanning:

  1. Launch Yandex.Key.

  2. Click .

  3. Select the account you need.

  4. Enable Fingerprint (for Android) or Touch ID (for iOS).

Master password

Create a master password to further protect your one-time passwords: Master password.

With a master password you can:

  • Make it so that instead of a fingerprint, you just have to enter the Yandex.Key master password and not the device lock code.

  • Save your Yandex ID PIN code in the app so that you don't have to enter it every time you need a new one-time password.

Backup copy of Yandex.Key data

You can create a backup copy of your Yandex.Key data on the Yandex server so that you can transfer it to another device or restore it if you lose your phone or tablet.

To get data from a backup copy, you need the following:

  • Access to the phone number that you used when creating the copy.

  • The password that you entered to encrypt the backup copy.

Data from all the accounts that you had on Yandex.Key when you did the backup is copied to the server. It's not possible to create more than one backup copy; each subsequent copy of data for a specific phone number will replace any previous ones.

Attention. The backup copy only contains usernames and the "secrets" that are necessary to generate one-time passwords. You must remember the PIN code that you entered when enabling two-factor authorization.

You can't delete a backup copy from the Yandex server yourself. It is deleted from the Yandex server automatically if you do not use it for more than a year.

Create a backup copy

  1. Select Create a backup copy in the app settings.

  2. Enter the phone number that the backup copy will be linked to (for example, “1234567890”) and click Next.

    Yandex will send a confirmation code to this address. Once you get the code, enter it in the app and click Next.

  3. Think up a password for encrypting the backup copy of your data. You can't restore this password, so make sure that you don't forget or lose it.

  4. Enter the password you want to use twice and then click Done. Yandex.Key encrypts the backup copy and informs you when it gets sent to the Yandex server.

Restore access from your backup copy

  1. Select Restore access from your backup copy in the app settings.

  2. Enter the phone number that you used when creating the backup copy (for example, “1234567890”) and click Next.

    If a backup copy of that Yandex.Key data is found for the number you enter, Yandex will send a confirmation code to that number. As soon as you receive the code, enter it in the app.

  3. Make sure that the device name and the date and time when the backup copy was created match the backup copy you want to use. Then click Restore.

  4. Enter the password you entered when you created the backup copy. If you don't remember it, you can't unencrypt your backup copy, unfortunately.

  5. Yandex.Key will unencrypt your backup copy and let you know that your data was restored.

How your exact local time is used when generating one-time passwords

Yandex.Key takes into account the current time and time zone set on your device when it generates one-time passwords. When an internet connection is available, the app also requests the exact time from the server. If the device's time is set incorrectly, then the app will correct it. Please note that in some situations, even after the app makes a correction and the correct PIN code is entered, the one-time password will be incorrect.

If you're sure that you entered your PIN code and password correctly, but you can't log in:

  1. Make sure that you have the correct time and time zone set on your device. Then try logging in with a new one-time password.

  2. Connect to the internet so that Yandex.Key can get the correct time itself. Then restart the app and try entering your new one-time password.

If the problem still doesn't resolve, please use the form below to the Support Dept.