In recent times, many LinkedIn users have reported seeing prompts from the platform asking them to set up an authenticator app like Google Authenticator when logging in. This has led to some confusion and questions around why LinkedIn is suddenly requiring two-factor authentication via an authenticator app for users.
Two-factor authentication (also known as 2FA) is an extra layer of security beyond just a password that helps protect user accounts from unauthorized access. It works by requiring the user to provide two different forms of identification before they can log in. The first is something they know (like a password) and the second is something they have (like a code from an authenticator app).
So why is LinkedIn rolling out this extra security requirement for users? There are a few key reasons behind this move.
Increased Account Security
The main driver is to increase security and prevent compromised accounts. LinkedIn stores a tremendous amount of sensitive user data including personal information, employment history, connections, messages, and more. Compromised LinkedIn accounts can open up users to identity theft, damaged professional reputation, and other forms of fraud.
By requiring an authenticator app in addition to a password, it becomes much harder for hackers and scammers to access user accounts even if they are able to steal a password through phishing or other means. The added code from the authenticator acts as a second barrier to prevent unauthorized access.
Industry Best Practices
LinkedIn is also moving towards alignment with industry best practices around account security. Many major technology platforms from Google to Twitter to Microsoft already require two-factor authentication for enhanced protection.
As cyber attacks and account compromises continue to grow in frequency and sophistication, two-factor authentication has become a baseline standard across much of the tech industry. By adopting this standard, LinkedIn is showing a commitment to keeping user data secure.
User Demand
LinkedIn users themselves have been asking for increased account security. In an era of near constant data breaches and cybercrime, people want to know their sensitive information remains protected.
Two-factor authentication has become a broadly recognized way to achieve that peace of mind. By giving into user demand for multi-factor login, LinkedIn pleases its customer base.
Regulatory Requirements
Finally, regulatory bodies are also beginning to mandate stronger account security practices across the tech sector. For example, new European Union regulations require two-factor authentication to protect user data. By rolling out authenticator requirements, LinkedIn aims to get ahead of soon-to-come security regulations.
How the Authenticator Requirement Works
LinkedIn’s authenticator requirement functions through the following process when you attempt to log in:
- You enter your LinkedIn username and password on the login page as usual.
- After submitting your password, you will see a prompt to enter a 6-digit code from your authenticator app.
- Open your authenticator app on your mobile device (such as Google Authenticator).
- A 6-digit time-based code will appear in the app, refreshed every 30 seconds.
- Enter this 6-digit code back into the LinkedIn login page.
- If the codes match, you will be logged into your account.
On mobile devices, the process is similar except you will be prompted to open your authenticator app after entering your password. You need to have the authenticator app installed on your mobile device to complete 2FA login on mobile.
The first time you setup two-factor authentication, you will be guided through linking your LinkedIn account to the authenticator app by scanning a QR code. This synchronizes the app to generate valid login codes for your account.
Which Authenticator Apps Work with LinkedIn?
LinkedIn supports any authenticator app that uses Time-based One-time Password Algorithm (TOTP) to generate login codes. The most popular choices include:
- Google Authenticator (Android, iOS)
- Authy (Android, iOS)
- Microsoft Authenticator (Android, iOS)
- 1Password (Android, iOS)
- LastPass Authenticator (Android, iOS)
These apps are highly secure and free to download and use. Google Authenticator is commonly used but any of these apps will work seamlessly with LinkedIn’s login process.
What if You Lose Your Phone or Authenticator App?
Losing your phone or authenticator app can block access to your LinkedIn account. However, LinkedIn provides users with backup options:
- Backup Codes – When you setup 2FA, LinkedIn will generate a list of one-time use backup codes you can save and use to login if you lose access to your authenticator app.
- Recovery Code – You can designate a recovery phone number or email address. LinkedIn will send you a login code if you need it.
- Trusted Contacts – You can select trusted contacts on LinkedIn who can enable your account if you get locked out.
As long as you save your backup codes or set a recovery contact, you can get back into LinkedIn even without your primary authenticator app.
Is Two-Factor Authentication Mandatory on LinkedIn?
At the moment, two-factor authentication is optional on LinkedIn. However, enabling it is highly recommended for all users to maximize account security.
LinkedIn has been strongly encouraging users to turn on 2FA when they see the popup prompts after login. It is expected that two-factor authentication will eventually become mandatory for all LinkedIn users.
Other platforms like Google, Facebook, Twitter, and Slack have also started off with optional 2FA before later making it a requirement. LinkedIn appears to be following a similar path.
So while not absolutely required yet, it’s a good idea to go ahead and enable two-factor authentication via an authenticator app now to get ahead of the curve. Otherwise you may eventually get locked out of your LinkedIn account.
Conclusion
LinkedIn’s rollout of mandatory authenticator app requirements aims to boost security and make the platform safer for users. As cyber threats grow and regulations tighten, two-factor authentication has become a baseline best practice across the technology industry.
While users may need to perform an extra step when logging in, authenticator apps provide significant protection against compromised credentials and account takeovers. Between the risk of account hacks and the inevitability that 2FA will soon be mandatory for all users, the choice is clear – take the few minutes to setup an authenticator app on your account now.
Frequently Asked Questions
Why is LinkedIn suddenly requiring an authenticator app?
LinkedIn has introduced a requirement for users to set up an authenticator app like Google Authenticator in order to enhance account security through two-factor authentication. This adds an extra layer of protection beyond just a password when logging in.
What types of authenticator apps work with LinkedIn?
Any authenticator app that generates time-based one-time password (TOTP) codes will work, including Google Authenticator, Microsoft Authenticator, Authy, LastPass, and 1Password.
Can I use SMS or phone call two-factor authentication instead?
No, LinkedIn specifically requires use of an authentication app code when prompted after logging in with your password. SMS or phone call options do not meet this requirement.
What happens if I lose my phone or authenticator app?
LinkedIn provides backup options like one-time use backup codes, recovery contacts, and trusted account partners to help regain access if you lose your device or authenticator app.
Is two-factor authentication mandatory yet on LinkedIn?
Currently it is optional but highly recommended. However, LinkedIn is expected to make 2FA mandatory for all users in the future.
What if I fail to set up two-factor authentication on LinkedIn?
For now, you can still access your account with just your password. But in the future, not enabling 2FA may lead to being locked out of LinkedIn.
The Bottom Line
LinkedIn’s increased security requirements aim to protect user data and accounts from unauthorized access. While setting up an authenticator app adds one extra step to logging in, it provides significant protection that is well worth the minor inconvenience.