It’s 2020 and I still see personal accounts being hacked. The responsibility falls on you to protect your accounts be it email, social media or financial; you need more than a username and password for protection.
If you’ve never heard of two-factor authentication, which is commonly referred to as 2FA, it is a second layer of protection in addition to typing a password before gaining access to your accounts. These codes are typically needed when someone – even you – tries to access your accounts from a different browser or phone; i.e. not on your existing devices that you may have setup as a trusted one. Some services know when access is being gained from a different IP address to yours, and will notify you.
If you don’t want unauthorised access to your Instagram, Twitter, Gmail, PayPal, Uber, etc, it is best you consider turning on 2FA for these accounts. How it works is if someone tries to log into your account(s) because they know your password, the service will prompt them for another way to verify; usually through a numeric code.
I am not a fan of using SMS for 2FA because even your mobile number can be cloned, so therefore I recommend you use an authenticator app. Using a mobile number also has other limitations, like if you are in another country and need a OTP, which is why I love FNB for sending it to the app instead of SMS.
This is a very ‘generic’ how to because it could be an app of your choice but there are many services who offer the feature and I cannot go through all.
STEP 1: Find and download an authenticator app. I use Authy. There’s also Google Authenticator (I used to use this one), Microsoft Authenticator, and Last Pass to consider.
STEP 2: Create an account on the app of your choice and start linking your accounts.
STEP 3: You have to manually enable 2FA on each account. It is easier to just google it “Turn on two factor authentication for Gmail/Twitter/Instagram/Facebook” etc. It is a bit of admin but it will also be absolutely worth the peace of mind it brings.
- Tip 1: You sometimes have to use SMS first then toggle to an authenticator app.
- Tip 2: If you are given a QR code, you can scan it directly to the authenticator app when adding your accounts.
STEP 4: Test it by logging out of an account and log back in. You will be prompted for a code after typing your password. Authy gives you a code that is valid for 30 seconds only.
This is as simple as I can explain the process. I cannot stress how important and safe it is to have 2FA setup. If you are online and use email and social media, you need to have it setup.
PS Some services will give you a bunch of backup codes to screenshot when you turn the service on, or you can generate backup codes when you’re logged in (IG does this). This is useful to keep when, for some reason, the authenticator app will give you an issue.
Welcome to Wired to the Web. My name is Nafisa Akabor and I’m a technology journalist covering business and consumer tech for the last 15 years. I’m passionate about start-ups, smartphones, mobile payments, travel tech and electric cars. ✉️ firstname.lastname@example.org