Pages

How Two-Factor Authentication Keeps Your Accounts Safe

If you want to keep your online accounts safe, adding two-factor authentication (2FA) is the single most important step you can take. While no security measure is 100 percent hackproof, 2FA is going to go a long way to locking down access to your important accounts.

As the name suggests, 2FA adds another level of authentication to the login process. It means you need something besides your username and password to get into your account, and with swaths of login credentials regularly published online, it's in your best interests to put that additional step in place.

It doesn't take long to put 2FA in place, and the next time someone else tries to access your account with a stolen set of login details, you'll be glad you did.

Logging into your accounts with an email address and password is fine, up to a point, but these details can get lost, stolen, guessed, or teased out of you with some clever social engineering. Two-factor authentication adds another access barrier for unauthorized visitors who have gotten hold of your primary login credentials.

Two-factor authentication, and the similar two-step authentication, which is sometimes treated as a different mechanism and sometimes not, means you need another bit of information besides your password and email address. Commonly in most consumer apps, it's either an SMS code sent to your phone, or a code generated by a dedicated authenticator app.

When you're setting up 2FA, you're asked to prove that you're the owner of your phone and the associated cell number, and that gives you the authorization to generate and receive codes. Unless hackers get access to your phone as well as your email address and password, they won't be able to log in. 2FA codes are sometimes sent via email as well, and in some cases can be replaced by a physical object like a USB key, which you'll need to get into your account (Google offers this as an option).

For most services and accounts, this extra code isn't required every single time you open the app or site, that would get tedious very quickly. Instead, 2FA jumps into action when you try to log in on a new device that you haven't used before or haven't accessed in a long time, like a new phone or a laptop that hasn't been associated with your account in the past.
more of this post ▼
An authenticator app is one of the best 2FA options, as there's no way for shady characters to intercept the codes (which is a risk with SMS and email) without physical access to your phone. You have a choice of apps: Authy is just about the best in the business, while Google and Microsoft offer very competent apps too. Some popular password management apps (such as Dashlane and LastPass) include an authenticator app.

We're seeing a growing use of biometric information like a fingerprint or a face as that second authentication step, which should make two-factor authentication even more secure and convenient in the future, provided the technology continues to evolve. Adding 2FA is a quick and simple process most of the time, and there's really no excuse not to set it up if you have the option, just remember that it should be used as part of overall good security hygiene, not in isolation.

Many apps and services offer 2FA now, especially those that store important and sensitive data: emails, financial information, files, social media, contact details, and so on. Most of the accounts that don't have a 2FA option, such as Netflix, for example, aren't at such high risk from attack, hackers usually aren't so interested in binge-watching Netflix Originals and messing with your recommendations.

Every service uses 2FA slightly differently, but the option shouldn't be too hard to find. For Google accounts (which cover Gmail, Google Drive, YouTube, and more), head to your Google account page on the web and then click on Security to find the two-factor option, as the second step of authentication, you can use an authenticator app, have prompts appear on your registered phone, or have SMS codes sent to your cell number.

In the case of Apple accounts, your best option is to use an iPhone or a Mac to switch 2FA on. On iOS, from Settings, tap on your name, then select Password & Security and Turn On Two-Factor Authentication. On macOS, you need to start from System Preferences and then choose Apple ID, Password & Security, and Turn On Two-Factor Authentication. Verification codes can be sent via SMS, and they will appear on other devices using the same Apple ID that you have previously registered with 2FA.

Microsoft has two-factor authentication protection on its accounts as well. If you head to the Security page inside your Microsoft account portal on the web, you can pick More security options and then Set up two-step verification to begin the process of turning it on. To get your secondary code when you sign in on a new device, you can use a phone number, an email address, or an authenticator app.

Most social media apps also have 2FA available to protect your account: You can find the instructions online for Facebook, Instagram, Twitter, Tumblr, Snapchat, and even LinkedIn, for example. The steps involved and the methods of authentication vary a little between these services, but the result is the same, even if someone else gets your username and password, they won't be able to log in.

You'll find two-factor authentication in plenty of other places too: File management apps such as Dropbox and Box, organizational apps such as Evernote and Trello, chat apps such as Signal and WhatsApp, and many more. You can also use 2FA to protect your accounts on Xbox, PlayStation, Steam, and Nintendo Switch. If your favorite apps don't support two-factor authentication, ask the developers why not.

There's no absolutely foolproof way to make sure your online accounts are never going to be accessed without authorization, but 2FA is one of the best ways to reduce that risk to the lowest it can be. Just remember that nothing's perfect, so don't let your guard down.

Most online services will have backup access methods available should you lose your phone and not be able to validate 2FA requests. These methods vary but aren't widely publicized, for obvious reasons: If it's common knowledge how the big tech companies perform account resets, then it's easier for unauthorized parties to try to circumvent them.

Google, for example, provides backup codes that you should write down and keep in a safe place. Apple will ask you for various pieces of information to prove you are who you say you are before it will let you back into your account, these could be, which model of iPhone you most recently had and which Apple services you're currently subscribed to (anything that an imposter might not know).

Facebook also has an account recovery method in place: You can nominate trusted friends to verify your identity if you ever get locked out of your account. It would be very easy for you, but very difficult for a hacker, to get three of your closest friends to independently confirm that you are who you say you are and that you need to be let back into your account.

The point is that you should make yourself familiar with these various alternative modes of access and account recovery, set them up where needed, and then keep them as well protected as you do your usernames and passwords. In other words, don't keep your Google account backup codes on a sticky note next to your laptop.

Even with 2FA in place, your accounts are only as strong as their weakest point: If you've set up two-factor authentication on your Microsoft account, for example, but not on the alternative email address that you use to recover access to your Microsoft account, then that's a potential route in for someone else.

Credit: wired.com

Posted by web✯ster
Labels:

No comments:

Post a Comment

LABELS INDEX:

* (5) 2038 Problem (1) 3G - Goodbye (1) 5G (2) Abine Blur (1) Activation Lock (1) ADAS (1) Add sound to Impress (2) Address Book (1) AirTags (3) Amazon (3) Android (2) Android phone (2) Annoying Ads (1) Anti-Virus (1) App Store (1) Apple Bytes-2019 (12) Apple Bytes-2020 (19) Apple Bytes-2021 (13) Apple Bytes-2022 (10) Apple Bytes-2023 (11) Apple Glass (1) Apple Maps (1) Apple Repair (2) Apple Support (2) Apple TV (1) Apple Watch (6) Archives of CTC (7) ARM M1 Processor (1) Attachments (1) Audio Files (1) Autonomous (1) Avast (1) Backups (3) Bank-fraud (1) Battery Icon (1) Battery life (4) Battery Replacement (1) BCC (1) Best Buy (1) Big Data Mining (1) Big Sur (1) Bloatware (1) Board Minutes 2019 (12) Board Minutes 2020 (12) Board Minutes 2021 (12) Board Minutes 2022 (12) Board Minutes 2023 (12) Board Minutes 2024 (2) Boom Supersonic (1) Browser Attack (1) Browser Settings (1) Browser Tabs (1) browsers (1) Cache (1) Camera App (1) Caps Lock Indicator (1) Car charging (1) Car Door Lock (1) Cell phone strength (1) Cell Phones (1) Charge Cycles (1) Chevy Bolt (2) Chrome browser (2) Chromecast (1) Clone vs Image (1) Cloud Computing (1) Colorado (1) Construction (1) Contact Removal (1) Converting CDs (1) coronavirus (1) Coupons (1) COVID-19 (1) Covid-19 Detection (1) CPAP Recall (1) CTC 2023 ISP Survey (1) Customer Support (1) Dash Cams (1) Default browser (1) Delete Apps (2) Digital Estate Planning (1) Disable Thumbnails (1) Disk image (2) DogWalk malware (1) Domino's (1) Download Videos (1) Drive Partition (1) Driver Assistance (1) Drones (3) Drywall (1) DuckDuckGo (4) E-bikes (1) E.A.S.Y Pay (1) ebooks (1) Edge (1) Edge Browser (4) EdgeDeflector (1) Electric Bicycles (2) Electric car batteries (1) Electric Cars (6) Electric Trucks (1) email (1) Email Aliases (1) EV (13) EV Charging (1) External Storage (1) Facebook (4) FaceTime (3) Fake Reviews (1) Fast Charging (1) FBI Warning (1) Fiber Optic Cable (1) FIDO (1) File & Folder Icons (1) Firefox (2) Firefox Relay (1) Fitbit (1) Force Quit (1) Future Tech (1) Gmail (2) Gmail Contact (1) Googerteller App (1) Google (1) Google Maps (1) Google Music (1) Google Play Store (1) Google Search (1) Google TV (1) Group Text (1) Hacking (3) Harley-Davidson (1) Headlights (1) Healthcare (1) ID.4 (1) Identify Music (1) Image vs Clone (1) iMessage (2) Incognito Mode (1) Instagram (1) Intel Drivers (1) Internet Explorer (1) Internet of Things (1) Internet speed (1) iOS 13 (1) iOS 14 (2) iOS 15 (2) iPad (5) iPad Air (1) iPadOS 15 (2) iPhone (16) iPhone 12 (1) iPhone Battery (2) iPhone SE (1) iPod Touch (1) ISO Files (1) ISP Down? (1) Karen's Replicator (1) Keyboard (1) keyboard shortcuts (2) LibreOffice (1) LibreOffice Impress (1) Linux Mint 19.2 (1) Lithium-Iron Phosphate (1) M2 Processor (1) Mac (1) Mac Tips (10) MacBook Air (2) macOS (4) Magnifier (1) Mail App (1) Malware (4) Mars (1) Masked Email (1) meetings (6) Microcomb (1) Microsoft (1) Mirroring Tips (1) Mobile Wi-Fi Hotspot (1) Mouse Speed (1) MyHealtheVet (1) NASA (1) Norton (1) old computers (1) OneDrive (1) Ookla (1) Oregon (1) Oura Rings (1) Outlook (1) Parallels 18 (1) passwords (1) PDF (1) PDF Editing (1) Phishing Scams (1) Phone Data Swap (1) Phone Scams (1) Plug & Charge (1) Pop-Up Blocker (1) Portable EV Chargers (1) print spooler (1) Printer problem (1) printers (2) Privacy (5) Privacy Settings (1) Private Browsing (1) Pro Pilot (1) RAM (1) RAM 1500 REV Pickup (1) Range anxiety (2) Range Extended Vehicle (1) Ransomware (3) Rebooting (1) Recharge Cycles (1) Remote control (1) Robots (1) Roomba robots (1) Router (3) Samsung Drive Storage (1) Samsung Gallery Sync (1) Scams (1) SD Cards (1) Search Engines (3) Search Tips (1) Secret Button (1) Security Flaw (1) Security Key (1) Security Warning (1) Sharing From Phone (1) Short Codes (1) Show Wi-Fi Password (1) Signal Strength (1) Sion (1) Siri (1) SkyDrive (1) Slide Over (1) Slow Internet (1) Smart Glasses (1) Smart Home (1) Smart Toys (1) Smartwatch (1) Solar-powered EV (1) Sono Motors (1) Speed Wars (1) Split Screen (1) Split View (1) Spreadsheets (1) Spy Pixel (1) Start Up (1) Startpage (1) Streaming (1) Streaming Services (1) Street View (1) Surface Duo (1) Surface Earbuds (1) System Tray (1) Tab Syncing (1) Tbps (1) Teams (1) Technology Channels (1) Telegram app (1) Tesla (6) Tesla Adapter (1) Tesla Model 3 (1) Texting (1) Tracking (1) Tracking Pixel (1) Two-Factor Authentication (2) Undo Send (1) Unlock Phone (1) Update problems (1) USB drive (1) USPS Informed Delivery (1) VA access (1) Verizon (1) Vertical TV (1) Video Conferencing (1) Videos (3) Voice Assistant (1) Vultur (1) VW (1) Web Beacon (1) WhatsApp (1) wi-fi (2) Wi-Fi Hotspot (1) Widgets (1) Win 10 Performance (5) Windows (1) Windows 10 (9) Windows 10 Tips & Tricks (1) Windows 11 (8) Windows 7 (1) Windows S Mode (1) Windows Update (1) Windows update problem (1) Wink (1) Winstall (1) Yahoo mail (1) Yippy (1) You've Been Hacked (1) YouTube (1) Zero Emissions (1) Zoom (2)