How to Setup 2FA

On October 13, 2022, Neopets had rolled out an update to enable 2-Factor Authentication (2FA). 2FA is an industry-standard way to add an additional layer of security to your online accounts. 

What is 2FA?

Normally, you sign on a website using an email or username and your password. If your password is easy to guess, malicious users could be able to gain access to your device, leading them to compromise your email, and in turn, gain access to your account. 2FA is designed to make it so only you are able to access your account, even if your email or password was compromised. Essentially, you use a special application that will generate a unique code in order to verify your ownership of said account.

How does 2FA work?

2FA is not the same as a traditional "password." Instead, the website that incorporates 2FA will generate and assign a unique secret phrase to your account. The website will either let you scan a QR-code, or provide you with a secret phrase. You must use a 2FA application to scan the QR-code or enter that secret phrase. The 2FA application will generate a unique 6 to 8 digit number every few seconds. When singing in to an account with 2FA enabled, you will need to provide that number.

By design, 2FA is based solely on time. Every few seconds, a new code will be generated and the previous code provided will no longer work. Thus, if someone knew your login credentials, they would not be able to sign into your account due to the fact that the unique code is continuously changing.

How do I setup 2FA?

The process is similar to any other website, but we'll be focusing on Neopets. Firstly you will need to download a 2FA application on your mobile device. Google Authenticator and Microsoft Authenticator are both available for iOS and Android devices.
  1. Google Authenticator
    1. Download for iOS from the App Store
    2. Download for Android from the Play Store
  2. Microsoft Authenticator
    1. Download for iOS from the App Store
    2. Download for Android from the Play Store

After it is installed on your device, you'll need to enable 2FA on your Neopets account. In your account settings, you will need to click on 2-Factor Authentication. To confirm your account, you will need to specify your password and click "Enable 2FA."



After you successfully entered your password, a popup will appear. It will provide some simple instructions.


Open the 2FA application you just installed on your mobile device. Click on the "+" (the plus) icon on the top-right or bottom-right.

For Google Authenticator:

For Microsoft Authenticator:


For Google Authenticator, you will need to select "Scan a QR-code." In Microsoft Authenticator, when prompted to add an account, select "Other."

For Google Authenticator:

For Microsoft Authenticator:


At this point, your camera will open. Point the camera towards the QR-code. Try to align the QR-code within the square overlaid ontop of your camera in the 2FA application.

Once it is succesful, the camera will close. You will then see a new item in the main codes list. For example, you will see "" followed by your username, with a 6-digit number.

For Google Authenticator:

For Microsoft Authenticator:


You will have to enter that 6-digit number onto Neopets (under step 3 above) and then click "activate."


Once "activate" is clicked, another prompt will appear. In order to activate 2FA, you must generate a set of backup emergency codes. We recommend that you write these numbers down in a secure location where ONLY YOU know where they are and can access. These emergency codes act as a recovery method if you are locked out of your account because you do not have access to your 2FA application. For example, if your mobile device is damaged or stolen, then you won't be able to use the authenticator app to verify yourself. The backup codes will allow you to recover your acount. When you use an emgerency code, then 2FA will automatically get disabled when you sign in. You will have to setup 2FA again in order to reinstate that extra layer of security.


Make sure you have written these codes down and they're in a safe and secure location! Once you have them written down, you will need to check the checkbox, confirming you have actually written it down. Then you can proceed to "Enable 2FA."


After enabling 2FA, you will receive a confirmation dialog.


What should it look like after I've completed the 2FA application?

Once you have officially set up the 2FA application with your Neopets account, you are then able to login accordingly.

Once you click "login" you will be asked to provide the 6-digit code.


In case of an emergency, you can use the "Emergency Backup Code" that were given to you during setup. (These are the codes you should have stored safely.) Using the emergency backup code will disable your 2FA on your account.


If needed, and you insert your emergency backup code, you will get a message that looks like the following with a warning lasting 3 seconds. It will redirect you to your settings where you can re-enable 2FA.