If you’re going to put an internet-connected thermostat in your house, you should do whatever you can to keep it secure. Here’s how to enable two-factor authentication on your Nest account to help thwart attackers.

As we’ve explained before, two-factor authentication involves using something you know—like a password—and something you have—like your phone—to log into an account. If an attacker wants to get access to your account, they’d need to know your password and have your phone, seriously decreasing the chances your account will get broken into.

Nest has made two-factor authentication available using codes sent over SMS. While this isn’t the most secure two-factor method, it is one more hurdle for an attacker to get past. Those hurdles are extra important when an intruder in your account could change your home’s temperature or monitor your security cameras.

To turn on two-factor authentication for your account, head to Nest’s website here and click Sign In in the top-right corner.

Next, click your profile picture in the top right corner.

In the drop-down menu, click “Manage account.”

In the Account window that appears, click “Manage account” again.

Click Account Security.

Click “2-step verification” in the next window.

Enable the toggle that appears under “2-step verification” in the Account Security window.

You’ll have to re-enter your password to continue. Enter it into the password box, then click Continue.

Enter the phone number where you want to receive your authentication codes and click Send Code.

You’ll receive a text message with a six-digit code shortly. Enter that code below your phone number and click Continue.

The last screen will confirm the phone number you used to secure your account. Click Done.

Now you’re all set! If you want to log into your account online or on any Nest device, you’ll need to have your phone handy to receive those login codes. So will any attacker who wants to screw around with your thermostat.

Profile Photo for Eric Ravenscraft Eric Ravenscraft
Eric Ravenscraft has nearly a decade of writing experience in the technology industry. His work has also appeared in The New York Times, PCMag, The Daily Beast, Popular Science, Medium's OneZero, Android Police, Geek and Sundry, and The Inventory. Prior to joining How-To Geek, Eric spent three years working at Lifehacker.
Read Full Bio »