Security breaches, cybercrimes, and internet fraud should not be taken lightly. It is crucial for you to take the necessary steps to protect your online accounts. One great way to do so is to enable two-factor authentication. It is one of the easiest ways to bolster your online privacy and safety.
All about two-factor authentication
Two-factor authentication (2FA) is also sometimes referred to as strong authentication or two-step verification. It helps address the vulnerabilities of a standard password-only approach. It is a process whereby two of the three possible factors of authentication are required in order to access an account:
- Something the user knows (e.g., a password, PIN code, or answer to a secret question)
- Something the user has (e.g., a token, a mobile phone, a USB drive, or a key fob)
- Something the user is (e.g., face or voice recognition, behavioral biometrics, fingerprints, or a retina or iris scan).
Enabling 2FA on online accounts across the web
A wide range of online accounts and apps supports two-step verification or 2FA. Here’s how you can set it up on most of the applications you use.
2FA is available on the latest versions of iOS (starting from iOS 9) and macOS. For iOS 10.3 or later, you first need to go to Settings > [your name] > Password & Security. Then, turn on 2FA and tap continue. For iOS 10.2 or earlier, the process is pretty much the same, but after Settings, you need to go to iCloud and then tap on your Apple ID before proceeding to Password & Security.
For macOS, go to the Apple menu > System Preferences > iCloud > Account Details. Then, click on Security and turn on two-factor authentication. For both iOS and macOS, you can opt for Apple to send you the verification codes through a text message or phone call using your valid phone number.
Currently, 2FA is only available in the Instagram mobile app. On your profile, look for Settings, then click on Privacy and Security, which will show you Two-Factor Authentication among the choices. After clicking on it, you will also have the option to receive a code via your phone number or to use an authentication app, which you will need to download.
On your Facebook mobile app or web browser, go to Settings > Security and Login, then turn on two-factor authentication. It will give you the option to receive codes via your phone number every time you log in or to receive push notifications asking you whether to deny or allow a login attempt. You also have the option to enroll your devices under Authorized Logins so you may bypass 2FA for devices where your FB account is currently logged in.
For Twitter, find the settings and privacy menu, then access Account > Security. Next, toggle on Login Verification. Twitter will send a code to your number for you to log in.
You can turn on two-factor authentication for all your Google accounts by heading to the 2FA landing page. Just click on “Get Started” then it will require you to login to your Google Account. It will also provide an option for you to receive verification codes via text message or call. You may also opt to receive prompts on whether or not to allow a login attempt or to get a security key using a USB stick.
With the recent hack scares about Nest, it’s also essential that you immediately set up two-step verification for this smart home system. You will need to download the latest version of the app first, then toggle the switch on for the two-step verification under Account Security. It will then prompt you to input your password, phone number, and the verification code sent to you.
For all other apps or accounts not mentioned above, authenticator apps are available for you to keep track of verification codes that will be sent even without cellular service. Popular options include Authy, Google Authenticator, or HDE OTP (all available for iOS only).
Other forms of 2FA
You can implement 2FA in many different ways, and one of the most common is biometrics. It treats the user as the token, and it has evolved to have the capability to verify a person’s identity through fingerprints, retina patterns, and facial features.
ATMs and online banking also require forms of two-factor authentication. Users need to insert their ATM cards and input their security PIN, for example, before they can access their account. Online banking often requires not only the account holder’s username and password but also a verification code sent through either email or text (unless you’re on a device you’ve previously designated as “trusted”).
With more and more transactions taking place online, not to mention the inevitability of leaving digital footprints in the usual course of things, it’s more important than ever to be security-conscious. Two-factor authentication is just one way to protect your identity and personal information. You also have to make sure that you’re aware of other potential risks when you’re online, since vigilance is ultimately the best way to stay safe on the internet.