Thursday, March 08, 2018

Is Your Amazon Account Secure?

By Marcy Kennedy, @MarcyKennedy

Part of the Indie Author Series

As independent authors, one of the challenges we face is that everything lands on us. Even when we hire freelancers to design our covers or edit our work, we make the final decisions. Even when we reach the point where we might hire a personal assistant, we’re still in charge.

That means we have to consider certain things that traditionally published authors never have to think about. One of those things is the security of our retailer accounts.

Our retailer accounts contain the information necessary for us to receive our payments for book sales. If those accounts are hacked, the hacker can change the bank account information so that our money ends up in their bank. Not only that, but we instantly lose access to all our books and we can’t upload new ones. That alone can be disastrous for an indie author.

It can take weeks or months for something like this to be resolved (if it ever is). That’s why the best thing we can do is protect ourselves before anything happens.

Today I’m going to be talking about one easy step we can take to secure our Amazon account, but the principle applies to all retailer accounts. Each will have their own security features, and we should make sure they’re as tight as they can be.

If we find a retailer doesn’t have good security features, we can email them to express our concern. One email might be ignored, but if they keep receiving them, that’s how change happens.

So now on to the practical stuff.

Protecting Our Amazon Account

Before I continue on, I want to thank Melinda VanLone. She brought this issue up in a Facebook group for writers. I felt it was important enough to bring greater attention to in this blog post. Thank you, Melinda, for watching out for all of us!

You might be thinking that a hacker isn’t likely to target your KDP dashboard. Many hackers probably don’t even realize there is such a thing as a self-publishing portal.

But our Kindle Direct Publishing accounts are linked to our regular Amazon accounts. Hackers attempt to break into customer accounts on Amazon daily, and as soon as they change the password on our Amazon customer account, they’ve also blocked us from signing in to our KDP dashboard.

The way to help prevent this is what’s called two-step verification. It’s an option provided on our Amazon accounts, but it’s not the default so we have to enable it.

What Is Two-Step Verification?

Two-step verification basically means that you’re asked to sign in twice. The first time uses your password, and the second sign-in requires you to enter a code that will be texted or called to your phone number every time you try to sign in with your password. That code is time sensitive, making it harder to crack than a password that stays static over a long period of time.

If you ever receive a code and you know you haven’t tried to sign in, it also serves as an early warning that your password has been compromised.

Isn’t That a Pain?

Sort of. Amazon also allows you to identify your personal computer as a trusted device, though. That means that when you’re signing in on that device, you won’t be required to also enter the secondary code. A sign in from anywhere else, using another device, will require the code.

So How Do We Set Up Two-Step Verification?

When I first learned about this, I went straight to my KDP dashboard to try to set it up. I couldn’t find the option anywhere.

Because this feature is meant to protect Amazon customer accounts (protecting our KDP dashboards is a bonus only authors care about), we have to set it up from, not from the KDP site.

Here are the steps:

(1) Log in to your Amazon customer account, and choose Your Account from the Accounts & Lists dropdown menu at the top right of the page.

(2) Click on Login & Security.

(3) Under Advanced Security Settings, choose Edit.

From this page, you’ll be able to enable two-step verification. Amazon will walk you step-by-step through it from there. The process is a bit tedious because Amazon will text you or call you with a code to check that you’ve entered the right phone number, etc., but you only have to do it once.

If you want another tip for how to make sure your indie author business is secure, check out my post on The Single Biggest Mistake Independent Authors Make.

Do you have any other tips for making sure that our indie author business runs smoothly and safely? Please share!

Marcy Kennedy is a mystery and speculative fiction writer who believes fantasy is more real than you think. Alongside her own writing, Marcy works as a freelance fiction editor and teaches classes on craft and social media. She’s also the author of the Busy Writer’s Guides series of books. You can find her blogging about writing and about the place where real life meets science fiction, fantasy, and myth at

Blog | Facebook | Twitter | Amazon | Apple iBooks | Barnes & Noble

About Description

Description in fiction shouldn’t be boring for the reader or for the writer.

Description: A Busy Writer’s Guide will help you take your writing to the next level by exchanging ho-hum description for description that’s compelling and will bring your story to life, regardless of the genre you write.

In Description: A Busy Writer’s Guide, you will
  • find the answer to the age-old question of how much description is too much;
  • learn how to use point of view to keep description fresh;
  • recognize the red flags for boring description in fiction;
  • explore how to use all five senses to bring your descriptions to life for the reader;
  • discover the ways metaphors and similes can add power to your descriptive writing;
  • gain the tools needed to describe setting, characters, and action in engaging ways;
  • learn how descriptions can add conflict, enhance the theme, and amp up emotion; and
  • much more.


  1. Great idea, Marcy. You're always looking out for authors. 😍Thanks!

  2. Thanks for this information, Marcy. I did it immediately upon reading. You can't ever be too careful in this day and age.

  3. What great advice, thanks for sharing.
    Off to set this up now, and share the post with other authors.

  4. Great advice, especially like the personal computer bit.

  5. Marcy, as always, you provide excellent advice. I also have two Amazon accounts. One is my author account and the other is for book buying.

  6. Posting for someone who had trouble commenting...

    Comment from Tony L.

    The two factor authentication process forgets about the registered device option under some combination of cookies and history settings (I haven't played enough to figure it out), so exiting the browser (Firefox, in my case) requires going through the get-a code-and so forth once I restart the browser and log back in.
    Not that that's sufficient to give up the value-added in security.