
Getting Started with 2-Factor Authentication
What is 2-Factor Authentication?
2-Factor Authentication (2FA) has emerged as probably the single most important security tool you can enable to protect yourself online. A growing number of apps and services offer 2FA to their users, but most people either don’t know what it is, or perceive it as an added hassle and opt not to take advantage of the feature.
Definition
Multi-factor authentication (MFA) is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know); possession (something they have), and inherence (something they are).
Wikipedia
Authentication Types
- Knowledge: Password, PIN, secret answer to a security question, pattern lock, etc.
- Possession: Magnetic swipe card, RFID chip, key, or other physical object.
- Inherence: Biometrics such as fingerprint, voiceprint, iris, etc.
How It Works
Most commonly for consumer apps and services, 2FA involves adding an additional step to the typical username/password form. When the app or service detects that a user is attempting to log in from an unrecognized device, it will force the user to enter the second authentication factor, typically a code either sent via SMS text message to the owner’s phone, or created via an app on their smartphone.
The second factor is only requested when logging in from a new device or following an update from the service. This means that you aren’t hassled with this process during each login. However, it is enough to protect you from an attacker attempting to access your account from the other side of the world. Even if they steal or guess your password, they will not be able to enter the account unless they also have access to your phone.
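The login flow described above, sketched as an added example (not code from this article or from any of the services it covers). It assumes the app-generated code is a time-based one-time password (TOTP, RFC 6238), which the article does not specify; the account record, `device_id` (standing in for a server-issued device cookie) and all function names are hypothetical.

```python
import hashlib, hmac, os, struct, time

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 code: HMAC-SHA1 over the number of 30-second steps since epoch."""
    counter = struct.pack(">Q", int(at) // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, code: str, at: float, window: int = 1) -> bool:
    """Accept the current step and its neighbours to tolerate phone clock drift."""
    return any(
        hmac.compare_digest(totp(secret, at + i * 30).encode(), code.encode())
        for i in range(-window, window + 1)
    )

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_account(password: str, totp_secret: bytes) -> dict:
    """Constructed sample account record (hypothetical schema)."""
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret, "trusted_devices": set()}

def login(account: dict, password: str, device_id: str, code=None, now=None) -> str:
    now = time.time() if now is None else now
    # Factor 1 (knowledge): the password is always checked first.
    if not hmac.compare_digest(hash_password(password, account["salt"]), account["pw_hash"]):
        return "denied"
    # Recognized device: no second prompt, so routine logins stay frictionless.
    if device_id in account["trusted_devices"]:
        return "ok"
    # Unrecognized device: factor 2 (possession of the enrolled phone) is required.
    if code is None:
        return "code_required"
    if not verify_totp(account["totp_secret"], code, now):
        return "denied"
    account["trusted_devices"].add(device_id)       # remember this device from now on
    return "ok"
```

A production verifier would also refuse a code that was already used in the same time step and rate-limit failed attempts.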
Apps and Services
Below are a few key points to keep in mind regarding online security:
- Protect Your Identity: 2FA should be used for any service that offers it, but start by protecting your bank accounts, email, and social media. I suggest prioritizing services which, if compromised, would enable someone to steal your identity. Think critically about where you have the most to lose, and then reinforce your security.
- Preserve Your Reputation: It is important to protect your personal and company social media accounts with 2FA because they not only have a ton of personal information, but also the ability to broadcast messages to the entire world. If your account is hacked, the attacker can cause irreparable harm to your brand by publishing content which will appear to be coming from you. Simply put, it costs much less to set up comprehensive security that follows best practices than it would to try to recover after being hacked.
- Get Help: Use twofactorauth.org. I highly recommend browsing through their database and enabling 2FA on any service you use which offers it.
Apple
If you have any iOS device (iPhone, iPad, etc.) or Mac, then your data is being backed up to iCloud. Securing that data is critical.
- Sign in to your Apple ID account page.
- Under Two-Step Verification, click Get Started.
- Answer your security questions and follow the steps to finish your set up.
Frequently asked questions about two-step verification for Apple ID
Facebook
2FA for Facebook can be found in their settings for “Login Approvals”.
To turn on login approvals:
- Go to your Security Settings
- Click on the Login Approvals section
- Check the box and click Save Changes
After you turn on login approvals:
- If you haven’t saved the device (ex: computer) or browser you’re using, you’ll be asked to do so when you turn on login approvals. This way you won’t have to enter a code when you log in from any of your recognized devices or browsers. Don’t click Save this browser if you’re using a public computer (ex: a library computer).
- We need to be able to remember your computer and browser information so we can recognize it next time you log in. Some browser features block this. If you’ve turned on private browsing or set up your browser to clear your history every time it closes, you might have to enter a code every time you log in.
Note: You need to have a mobile phone number listed on your account to turn on login approvals. You can add one to your account when you turn on login approvals.
Facebook Help: How do I turn on login approvals?
Google
Your Google account covers all of their services, including Gmail, Google Drive/Docs, and YouTube. Google is also the company behind Android, the world’s most popular operating system for mobile devices. If you have an Android smartphone (Samsung, HTC, Motorola, or other non-Apple), your Google account is your primary login used to access the Play Store and your phone’s backup.
Microsoft
If you have a Windows 8 or Windows 10 PC, you likely sign in with a Microsoft account which might be tied to email on Outlook.com, live.com, Hotmail or another Microsoft-owned service.
To turn two-step verification on or off
- Go to the Security settings page, and sign in with your Microsoft account.
- Under Two-step verification, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
- Follow the instructions.
Twitter
Twitter’s Help Center Article: Using login verification