December 5th, 2016
In this season of travel, shopping and giving it’s tempting to make your passwords and logins super simple to save time and the hassle of having to remember them. It is precisely because of this hectic time of year we recommend increasing security measures to protect your online accounts.
Many times, when you log into a website, you use just your username and password: this is called single-factor authentication. The problem with single-factor authentication is that it often does not provide enough security; passwords can be stolen and accounts can be hacked.
You may want to try something more secure to prevent hackers from gaining access to your internet accounts. Even if you’re not sure what it is, you probably already use a higher level of security called “two-factor authentication” in some areas of your life. Two-factor authentication (also written as “2fa”), as the name implies, requires two factors: something you know, like a password, and something you have, like a phone. When you gas up your car and have to enter your zip code after inserting your credit card, you are using two-factor authentication. When you set up two-factor authentication on an account, your two factors are often your user name and password (something you know) and a code which is sent to your phone (something you have). There are other options for 2fa, but many websites just text your phone. Depending on the type of account, you may be required to enter your code each time you log into your account, but sometimes you just enter the code the first time you log in using a smartphone, tablet, or computer that you didn’t use previously to access your account.
Setting up 2fa is usually quick and easy; if you have a phone, it is free. While including 2fa in your online security plan is a good idea, you should consider a few factors before deciding if it is the best option for you. You will likely have to provide your phone number to the account you are securing, so they can text you. If you lose your phone, you will have a harder time accessing your protected account, though there are often backup options. Even though 2fa is a great way to secure your account, don’t assume that it makes that account invulnerable; determined hackers can still gain access to it.
If you have decided to use 2fa, start with your most sensitive accounts: those which involve money, such as an online bank, PayPal, or somewhere that you may have stored a credit card to shop, such as Amazon.com, Google, or iTunes. Be aware that your new security measure isn’t necessarily going to be called “two-factor authentication”. Amazon.com’s version is called two-step authentication, and is set up by going to Amazon’s advanced security settings.
Especially if you post to social media for work, consider securing your social media accounts. Facebook security was mentioned in an earlier blog post. While not yet available to everyone, Instagram started to roll out their own 2fa earlier this year; check your settings to see if you can turn it on. Both Twitter and WordPress have 2fa available.
Using 2fa can add a valuable security layer for email. To see if it’s available for your specific email client, check TurnOn2FA.com.
With just a few steps, you can give yourself a little extra security. Good luck with 2fa!
Are your accounts secure enough?