Account Security

At Bed Bath & Beyond, we are focused on protecting our customers’ account information. Here are some new features we’ve introduced, and best practices you can follow, to maximize the security of your account.

New: Multi-Factor Authentication

We’ve added an additional layer of security to online accounts. When you sign in with a new device or a device we don’t recognize, we’ll ask you to enter a six-digit PIN that is automatically sent to your email address. Verification may also be required when you create an account with an email address that we’ve seen before (for example, to sign up for offers or place a guest order). Once you’ve entered the PIN, you’re all set. Customers with security questions saved to their accounts can also verify that way.

For more information and answers to many FAQs, please click here to visit our knowledge center.

multifactor image 1
multifactor image 2

Security Questions


We give you the option within your account to set up challenge questions as a secondary method to identify yourself. We recommend making the answers easy for you to remember, but hard for others to guess. If you haven’t selected challenge questions yet, visit My Account to set them up - it’s easy.


Password Restrictions


We require a password between 8 and 20 characters with at least one uppercase letter, one lowercase letter and one number, which does not include your personal name or spaces. We also recommend that you:

  • Change your password frequently
  • Avoid using the same password on multiple sites
  • Choose a password that would be difficult for others to guess
  • Never share your password or other credentials with other people


General Security Tips


In addition to the above, you can help secure your computer and the information you send online by following these everyday guidelines:


  • Routinely review security settings on your computer
  • Periodically review online accounts and remove outdated information (for example, unused payment methods or old address)
  • Be skeptical of requests for personal information
  • Install anti-virus software, and keep it current
  • Always sign out after accessing accounts on public computers, and don’t save your credentials on devices that aren’t yours


For More Information

Privacy Policy
Terms of Use