Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

Tesla Launches Multi-Factor Authentication for Customers' Tesla Accounts

This site may earn commission on affiliate links.

jcanoe

Well-Known Member
Oct 2, 2020
8,307
9,532
Maryland
Starting today you can enable multi-factor authentication on your Tesla Account. It is vitally important that you protect your Tesla account with 2-factor authentication. Typically this can be done by installing an authentication app on your smart phone. Tesla's multi-factor authentication works with many authentication apps.

The most common authentication apps include:

Google Authenticator - commonly used to authenticate Google's applications

Microsoft Authenticator - commonly used to authenticate Microsoft's applications.

Twilio Authy - commonly used for just about everything else.

More here: Tesla finally launches two-factor authentication to better protect customers - Electrek

Here is a ZDNET article that describes three of the most common 2-factor authentication apps: Protect yourself: How to choose the right two-factor authenticator app | ZDNet

I just set this up for my Tesla account using Authy. It takes just a few minutes.

1) Install the authenticator app on your smart phone. Follow the directions for adding a phone number and an email to the authenticator app. (If you choose to use Authy this app has the ability to backup your Authy credentials to the cloud, highly recommended. Create your Authy backup recovery password.)

2) Log in to your Tesla Account from your computer or smart phone. (Do not log out of your Tesla app on your smart phone, use the browser on your computer or smart phone to log in to your Tesla account.)

3) Select Manage Multi-Factor Authentication

4) Enter the code displayed on the Authenticator app into the Tesla screen.

5) The default device is initially labeled Device 1, don't delete it by mistake. You can rename this device if you wish, i.e. rename to My iPhone (no special characters allowed.)

6) Tesla will automatically generate a list of 10 backup single use passwords to use to access your Tesla Account should you lose access to your primary authentication app, i.e.you lose your phone. Copy and paste these codes from the Tesla screen, save them to a text file else these codes will be lost. Save the codes. You can also take a photo of the screen using your phone to create a record of the Tesla passwords.

7) Once you have activated 2-factor authentication for your Tesla Account you will need to enter the 6 digit code generated by authenticator app into the Tesla authentication page every time you log into your Tesla account. (Typically the app generates a new 6 digit code every 30 seconds.)
 
Last edited:
  • Like
Reactions: angus[Y]oung
A related question is if you enable 2-factor authentication (2FA) on your Tesla account should you still enable PIN-to-Drive on your Tesla vehicle?

I'm thinking yes, PIN-to-Drive addresses entirely different security use cases from 2FA.

Without PIN-to-Drive enabled anytime you step out of your vehicle and leave your phone inside the Tesla a car thief can hop in the driver's seat and be gone with your vehicle in seconds. With PIN-to-Drive enabled the Tesla will remained in Park until someone enters the PIN.
 
The most common authentication apps include:

Google Authenticator - commonly used to authenticate Google's applications

Microsoft Authenticator - commonly used to authenticate Microsoft's applications.

Twilio Authy - commonly used for just about everything else.

@jcanoe FYI, Authy is really just a (better) app for Google Authenticator, as it allows use on multiple devices and encrypted backup to the cloud. Google Authenticator can be used for many services beyond Google's apps; I currently use it for Amazon, LastPass, Instagram, Slack, Twitter, PayPal, BitBucket, and even here on TMC. I've also used in the past with Facebook and Discord. GA/Authy is always my first choice when it's available.
 
@jcanoe FYI, Authy is really just a (better) app for Google Authenticator, as it allows use on multiple devices and encrypted backup to the cloud. Google Authenticator can be used for many services beyond Google's apps; I currently use it for Amazon, LastPass, Instagram, Slack, Twitter, PayPal, BitBucket, and even here on TMC. I've also used in the past with Facebook and Discord. GA/Authy is always my first choice when it's available.
Thank you for the clarification. The most important thing, now that Tesla supports 2FA is to set this up for accessing your Tesla Account. Until now, without 2FA, your Tesla account has been highly vulnerable to being hacked. Most people use just a few email accounts, your email account may have already shown up on the Dark Web. Since Tesla uses an email account as your User Id all that the hackers need is to obtain your password. Hash encrypted password lists of commonly used passwords are freely available. Once a hacker has obtained your email and your password they can download the Tesla app to any phone and log into your Tesla account using the app, then locate your Tesla vehicle. Using the Tesla app on this phone they can unlock the vehicle and drive away with your Tesla. Even if you have PIN-to-Drive enabled on your Tesla vehicle the thief/hacker can use your email and password to override the PIN-to-Drive security. With 2FA enabled a hacker is prevented from logging into your Tesla account even once they have obtained your email and your password.
 
  • Like
Reactions: angus[Y]oung
PIN to drive protects your car, if you
had that before I see no reason to remove it now.


A related question is if you enable 2-factor authentication (2FA) on your Tesla account should you still enable PIN-to-Drive on your Tesla vehicle?

I'm thinking yes, PIN-to-Drive addresses entirely different security use cases from 2FA.

Without PIN-to-Drive enabled anytime you step out of your vehicle and leave your phone inside the Tesla a car thief can hop in the driver's seat and be gone with your vehicle in seconds. With PIN-to-Drive enabled the Tesla will remained in Park until someone enters the PIN.
 
  • Like
Reactions: angus[Y]oung