If you follow the news you’re probably aware of all the data breaches involving stolen passwords that have taken place of late.
The sad fact is there’s absolutely nothing you can do to prevent hackers from stealing your passwords and other sensitive info if they can somehow manage to break into the servers that are storing them.
About the only things you can do on your end is make sure you choose passwords that are secure and take care to avoid falling for phishing attempts.
But the above being said, there’s a very simply settings change you can make to most any online account that will keep hackers from logging into that account even if they somehow manage to get your password.
This setting is called Two-Factor Authentication, and it’s extremely effective at preventing the miscreants of the world from logging into accounts that belong to someone else.
In a nutshell, Two-Factor Authentication combines something only you should know (your account’s password) with a physical object that only you should have possession of (your mobile phone) to create a login procedure that’s just about as fool-proof as you can get.
Of course nothing in this world is entirely 100% fool-proof, but Two-Factor Authentication comes pretty close.
This is what typically happens when someone (including you) attempts to login to an account that protected by Two-Factor Authentication:
1 – You’re asked to enter the username (or email address) and password that are associated with the account.
2 – The website sends a unique one-time numeric security code to your phone either via a regular text message or a security app that you’ve installed on the device.
3 – You retrieve the security code from the text message or security app and enter it into the relevant field on the website’s login screen.
If the code you enter matches the code that was sent, you’ll be logged into the account. However, if the codes don’t match you won’t be allowed to log in, even if you entered the correct password.
As you can see, this is a very effective way to prevent hackers from logging into your accounts because they won’t have one essential thing that’s required in order to log in: your phone!
Most websites that support Two-Factor Authentication allow you to select whether to receive your security codes via text messages or a security app. Personally, I prefer using an app because that method is even more secure than text messages.
There are several excellent authenticator apps available in the Google and Apple app stores, but the one I use and recommend is the awesome Google Authenticator app.
If you have an Android phone you’ll find the Google authenticator app right here.
If you have an iPhone you’ll find the Apple version here.
Note: You’ll see that there are some less than flattering reviews for this app in the app stores. I’ve been using Google Authenticator for years and I’ve been very happy with it. Just my two cents…
The vast majority of websites now support Two-Factor Authentication (some sites refer to it Two-Step Authentication).
You should be able to quickly find instructions for enabling Two-Factor Authentication for most ant website or online service via a simple Google search.
Simply type something like this into the Google search box:
how to enable two-factor authentication on [website]
For example, if you wanted to enable Two-Factor Authentication on your Wells Fargo bank account you would type this into Google:
how to enable two-factor authentication on Wells Fargo
Pretty simple, right?
In the unlikely event that you’re unable to find instructions for enabling Two-Factor Authentication on a website you use via a Google search simply go into the account settings after you log in to your account on that site and search for the “Security” settings.
If the site does support Two-Factor Authentication you should be able to quickly track down the setting to enable it from there.
Bottom line: While using a strong password is essential to protecting your online accounts from hackers, enabling Two-Factor Authentication will add yet another (even more secure) step to the login process.
I strongly recommend that you enable Two-Factor Authentication on all of your accounts that support it, ASAP!