Google, respecting, plans to automatically enroll 150 million users for two-step verification and require two million YouTube creators to activate the security feature by the end of 2021. Have a second form of authentication when you sign in. logging into your accounts dramatically reduces the likelihood of an attacker gaining access to your personal information, the search giant said in a blog post.
Setting up two-step or two-factor authentication (also known as 2FA) is becoming common to prevent crooks and fraudsters from taking control of your identity and accounts – and proving that you really are you – same. This is because it uses a second action to confirm your identity, for example before doing online banking.
Two-factor verification goes hand in hand with the use of awhich configures and remembers complex passwords which are much more secure than a small set of words and symbols, such as P4ssW0rd *. Using both would enhance the security of your account. While two-factor authentication can take a long time to set up for each account, it’s relatively simple to set up and use, and well worth the effort.
In the spirit of cybersecurity awareness, we also recommend that you check whether your(then change them) and seriously consider a password manager if you don’t already use one (we , corn ).
What is two-factor or two-step authentication?
Two-factor authentication (also sometimes written as 2FA) is also commonly referred to as two-step verification or multi-factor verification. For the sake of simplicity, I’ll call it two-factor authentication or 2FA for the duration of this article.
Think of two-factor authentication as an added layer of security for your online accounts. If you’re not using 2FA on an account, your login process involves entering your username and password, and that’s it. Two-factor authentication adds an extra step to this process. First you enter your username and password and then you will be asked to enter a one-time passcode (sometimes also referred to as an OTP) which is usually a six to eight digit number. . You get this number, which changes every 30-60 seconds, via an app or text.
Once you have entered this code, only then will you have access to your account.
Indeed, a potential villain would need to know your username and password. and have either taken your phone number or have physical access to your phone and the authenticator app of your choice to log into your bank’s website or email account. There is still something to keep in mind.
For optimal security, do not use SMS to retrieve your codes. Instead, use an app
When two-factor authentication started rolling out across various websites and services, almost all of them only supported sending your one-time password via SMS. And while this is a convenient and easy way to receive your codes, it is alsoDue to .
SIM swap fraud occurs when someone calls your wireless carrier pretending to be you and convinces the employee to change the SIM card linked to your phone number. With all of your incoming calls and texts now routed to someone else’s phone, they can log into any online account that has been part of any sort of data breach or hack.
Hackers like, which contained enough personal information about a customer for anyone to impersonate you when they called customer service, as well as PINs that customers added as an added security measure.
See how quickly things can get out of hand if you use SMS to receive, say, 2FA codes from your bank?
If possible, use an authenticator app such as Google Authenticator or a.
I use a password manager to create and store all the passwords for my account, as well as my one-time passwords. The app not only lets me know when a new service supports two-factor authentication, but it also copies and pastes the code when I log into an app or website, making the whole thing of the process of using painless 2FA.
In addition to being more secure, an app does not require an active internet connection to show you the current code assigned to your account. This means that if you are traveling and taking a plane, you can still access your code, which you cannot do if you need to receive it via text.
Don’t neglect saving recovery codes
When you go through the two-factor authentication setup process, you will be prompted to register a recovery code (or series of recovery codes). DO NOT SKIP THIS STEP.
This recovery code is what you’ll use to get back into your account if something happens and you lose access to your two-factor authentication codes. It’s not something companies like Apple take lightly. Without this code, your account is closed, and with it all the data it contains.
Hypothetically, let’s say your 2FA codes arrive via SMS. After a fun night out with friends, you realize that your phone is no longer there, and with it, access to your OTP codes. And the only way to log into your bank account or carrier is to use a one-time password, unless you have a recovery code.
Believe me, as someone who has had to redeem a recovery code once or twice, in the future you will thank you for showing up for saving your recovery code.
I suggest saving everything related to recovery in a password manager and take a screenshot of the code that you can store in a safe place, even print it out and keep it in a file.
Guidelines for two-factor authentication on popular websites and services
Here are links to the appropriate account settings page for setting up 2FA, or to the appropriate support page detailing how to enable 2FA for businesses and popular websites. If a business is not in the list below, I recommend that you search for the two-factor business name in the query (eg, “two-factor Facebook”).
The 2fa.directory website has a searchable database with direct links to the appropriate support page for many websites. You should too, and to limit the chances of you experiencing SIM swap fraud yourself.
Yes, two-factor authentication is worth it
You’re right, to an extent 2FA is a problem. But it could be worse. The longest part of the process is setting it up for all the online accounts you have that support it. After that, waiting for a code via text messaging or using an app to access the code is a snap, and you will quickly adjust to just being part of your normal routine.
We haven’t come across anyone who particularly enjoys using two-factor authentication, especially on a linked Apple account, because it sends an alert to every device you own, but we do because it protects our personal data and information. financial. If someone were to gain access to our accounts, it could quickly wreak havoc on our personal and professional lives, and it would take weeks, if not months, to put all the pieces back in place.
Don’t believe us? Read this story on CNET’s sister site, ZDNet. Several years ago, mobile contributor Matthew Miller had his T-Mobile SIM card redeemed, and the author then quickly deleted his entire Google account, used $ 25,000 from his bank account to buy bitcoin and blocked him out of his Twitter account – and that was just in the first hour or so.
The small inconvenience of two-factor authentication will go a long way in saving you even more hassle.