In a world of online connectivity, smarter hacking techniques and obvious privacy concerns, passwords are no longer considered the strongest link in account security. Understating customers’ need for extra protection, Google, Twitter, Facebook and other popular services added a new layer of security to their accounts by implementing two-factor authentication.
Two-factor authentication is a security feature that requires users to confirm their identity by entering a code sent to a device after signing in. As with many banking services, the extra step is meant to double access strength and reduce the risk of data thieves breaking into people’s accounts, even if their password is stolen or cracked.
Here is a step by step guide to adding two-factor authentication to your frequently used services.
If someone breaks into your Gmail account he can buy apps on Google Play, hijack Google+ accounts and access your confidential Google Drive documents, so here’s how to set a second line of defense:
But what if you lose or misplace your phone? To generate codes when you can’t access your device, you can send codes to a backup phone number, print up to 10 unique backup codes (one for every login) or you can register the device (computer, tablet, phone) you frequently use and skip the code-generating process.
If you lack an Internet connection or service, Google recommends installing the Google Authenticator mobile app, which generates the codes you need. Go to the web-based account, find security settings and click Switch to app. After choosing the device’s operating system, link the account by scanning a QR code or manually. If you have no barcode scanner installed, click the option Can’t scan the barcode. A new key will be displayed. Insert it in the mobile app by selecting the option Enter Key Provided> Add.
If you have multiple Google accounts, you will need to sign into each of them from a computer to set up the service for all of them.
Facebook’s Login Approvals can be implemented as follows:
For its mobile app for Android and iOS, Facebook provides users with two other options: to activate a code generator or use App Passwords, which sets a one-time password for other apps using Facebook, such as Skype, Xbox and Spotify, which can’t use Login Approvals but still benefit from Facebook access.
Twitter is a very public place, but you don’t want strangers posting on your behalf. To tighten your security:
To use Twitter on other devices or applications that require your Twitter credentials, such as Twitter for Mac, users need to use a temporary password. Twitter detects if a password is needed and sends it via a text message. Users can generate it themselves by going to the Password tab in their web-based account, clicking Generate, entering the account password and pressing Generate again. The 12-character combination of letters and numbers is valid for only an hour.
Read more about securing your Twitter account.
Dropbox
Acting as a safety net against data loss hazards, Dropbox stores your most intimate pictures or work files in the cloud. Some of them are unrepeatable, so make sure your data remains safe:
To access the Dropbox mobile app, users will need to scan a QR code, provided by a third-party authentication app such as Google Authenticator.
Yahoo
Implemented in 2011, Yahoo’s second sign-in verification feature has been updated to make the process as simple as possible:
You will also see a pop-up message saying that certain apps don’t work with this feature and you will need app-specific passwords to login. To solve this issue, a new option, Manage your app passwords, will appear in your Sign-in and Security list.
Interestingly enough, Yahoo still gives users the option to lock their accounts with security questions and doesn’t provide the option to use a third-party authenticator app.
PayPal
Financial services carry highly sensitive information. PayPal locks this information with security key that can be issued by a small token or the user’s mobile device (free of charge).
PayPal also offers email authentication to clearly identify its emails to email providers, such as Yahoo! Mail, and help prevent phishing scams.
Apple
The Apple ID is the key to many Apple-related things, including music, books or app purchases, so enhancing account protection should not be disconsidered:
You will also get a 14-digit Recovery Key in case you lose your device or forget your password. As a basic security measure, Apple may not allow two-step verification if significant changes were recently made to user’s Apple ID account information, including a password reset or new security questions.
Do you currently use or plan to enable this feature to secure one or more of your accounts?
tags
Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs.
View all postsDecember 19, 2024
November 14, 2024