Two-Factor Authentication: Why You Need It and How It Works
Digital security has been in shambles for a while now. From the Target hack to the Yahoo! data breach, people’s personal information has been exposed and leaked over and over again. Plus, hackers are getting more savvy about getting access to our information. We talked about WordPress Security a while back, but it’s more than just your website. You have to protect your entire e-life.
Strong passwords are becoming required for most websites, but that’s still not enough sometimes. So more websites are encouraging users to enable two-factor authentication. Often abbreviated as 2FA, or referred to as 2-Step rather than two-factor, this is a method sites use to double confirm your identity. Step 1 is to enter your password. Step 2 is a verification code you receive to ensure it’s really you.
I’ll be honest. Two-Factor Authentication is a pain in the butt. It’s not bad enough that we can’t use our dog’s name and our birth year for our password anymore. Now we need another layer just to check our messages? Honestly, it’s better to be safe than sorry.
Where Should I Enable Two-Factor Authentication?
You should 2FA everywhere you possibly can. But the most important places you should enable it are sites that contain sensitive information:
- Anything having to do with your identity or having access to your social security number
- Your financial accounts, including your online banking, payment gateways, and cryptocurrency
- Your email accounts
- Online retail sites
- Your domains, web hosting, and content management system, like WordPress & Shopify
- Your online gaming accounts (remember, PlayStation Network had a breach in 2011)
- Your social media accounts
That’s really just a short list. The site TwoFactorAuth.org gives you a list of categories and websites, so you can see which ones offer it and which ones do not. I was surprised some big names don’t have the option available, like American Express, Citibank, and 1and1.
If you are a public figure, 2FA is especially important for you to use for your social networks. All these “my cousin hacked my account” excuses wouldn’t need to happen if you needed more than just your password to get into your accounts. Facebook, Instagram, Twitter (the big 3) all offer 2FA. It is imperative that you activate it for all of your public accounts so you are a less vulnerable target.
Need Help Enabling 2FA?
Telesign, one of the leading companies in the security space, has a site called Turn On 2FA that has step-by-step tutorials on enabling two-factor authentication on your most used sites and apps, including Instagram, Outlook, Amazon, Evernote, and more. Otherwise, go to the “settings” of your accounts, and it is usually under “Privacy” or “Security.”
There’s An App For That: Google Authenticator
Google has a free app available for iPhones and Androids called Google Authenticator. This app is basically your one-stop shop for the 2nd step in your two-factor authentication. When you install it, and link your accounts/profiles that have 2-step enabled, it generates a new random 6 digit code every few seconds.
One of the downsides of this app is that it is device specific. I downloaded it on my iPhone 6, and 2 weeks later, got the iPhone 7 and was essentially locked out of my MailChimp account for a minute. So before you switch devices, be sure you switch your Google Authenticator app’s access to your device.