Customer help > Privacy and security

Password security

When you sign in to your account, we take precautions to protect your account. First, whenever you sign in to your Amazon account, you sign in using a secure server connection (https://). We use Transport Security Layer (TLS)/Secure Socket Layer (SSL), the industry standard in secure server protection.

Your account is also protected by a unique password that you create. Remember these guidelines when creating your password:

  • Avoid passwords containing your user's real name or username
  • Use passwords with minimum length of 6 characters.
  • Use passwords with a minimum of three of the following mix of character types: uppercase, lowercase, numbers, non-alphanumeric symbols (for example , ! @ # $ % ^ & * < > -).
  • Avoid passwords consisting solely of a word with slight modifications.
  • Avoid usage of modifications or increments of a recent password for the account.
  • Avoid using common words or phrases as your password.
  • We also recommend that you keep this password confidential. Sharing your password can compromise the security of your Amazon account.
  • Passwords should be changed frequently (at least every 90 days).

Secure your account with two-step verification

We recommend that you add another level of security to your account by setting up two-step verification, also known as multi-factor authentication (MFA). For instructions, see Turning on two-step verification on the website.

For help recovering access to an account that has been secured with two-step verification, see Two-step verification account recovery.

See also