Rick’s Tech Tips Newsletter
If you follow the news you’re probably aware of all the data breaches involving stolen passwords that have taken place of late.
The sad fact is there’s absolutely nothing you can do to prevent hackers from stealing your passwords and other sensitive info if they can somehow manage to break into the servers that are storing them.
About the only things you can do on your end is make sure you choose passwords that are secure and take care to avoid falling for phishing attempts.
But the above being said, there’s a settings change you can make to most any online account that will make it very difficult for a hacker to break into that account even if they somehow manage to get your password.
This setting is called Two-Factor Authentication, and it’s very effective at preventing the miscreants of the world from logging into accounts that belong to someone else.
In a nutshell, Two-Factor Authentication combines something only you should know (your account’s password) with a physical object that only you should have possession of (your mobile phone) to create a login procedure that’s very difficult to compromise.
Of course nothing in this world is entirely 100% fool-proof, but Two-Factor Authentication is extremely effective.
This is what typically happens when someone (including you) attempts to login to an account that protected by Two-Factor Authentication:
1 – You’re asked to enter the username (or email address) and password that are associated with the account.
2 – The website sends a unique one-time numeric security code to your phone (preferably via an authenticator app).
3 – You retrieve the security code from the phone and enter it into the relevant field on the website’s login screen.
If the code you enter matches the code that was sent, you’ll be logged into the account. However, if the codes don’t match you won’t be allowed to log in, even if you entered the correct password.
As you can see, this is a very effective way to prevent hackers from logging into your accounts because they won’t have one essential thing that’s required in order to log in: your phone.
Most websites that support Two-Factor Authentication allow you to select whether to receive your security codes via text messages or a security app. If at all possible it’s best to use an app because that method is a lot more secure than text messages.
There are several excellent authenticator apps available in the Google and Apple app stores.
Luckily, the vast majority of websites now support Two-Factor Authentication (some sites refer to it Two-Step Authentication).
You should be able to quickly find instructions for enabling Two-Factor Authentication for most any website or online service via a simple web search.
Simply type something like this into the your favorite search engine’s search box:
how to enable two-factor authentication on [website]
For example, if you wanted to enable Two-Factor Authentication on your Wells Fargo bank account you would type this into Google:
how to enable two-factor authentication on Wells Fargo
Pretty simple, right?
In the unlikely event that you’re unable to find instructions for enabling Two-Factor Authentication on a website you use via a web search, simply go into the account settings after you log in to your account on that site and search for the “Security” settings.
If the site does support Two-Factor Authentication you should be able to quickly track down the setting to enable it from there.
Bottom line: While using a strong password is essential to protecting your online accounts from hackers, enabling Two-Factor Authentication will add yet another (even more secure) step to the login process.
I strongly recommend that you enable Two-Factor Authentication on all of your accounts that support it, ASAP.