Two-factor authentication (2FA) is a security feature that can be added to almost all accounts to prevent attackers from getting in even if they learn the password. When enabled, after entering a username and password on a new device, a user will be asked to confirm their identity using some other “factor,” which can be something they know (e.g. a PIN), something they have (a security key), or something unique to their body (a fingerprint). Most people choose to enter a code from their phone.
Why is two-factor authentication important?
Because it is very effective. Recently, IBM obtained video of Iranian government hackers attacking American accounts. They found that the attackers skipped any victim that had 2FA set up because of the increased difficulty of penetrating those accounts.
Which accounts need 2FA?
Unfortunately, hackers do not care about the distinction between personal and work life, so it is important to enable 2FA on all regularly used accounts.
Types of two-factor authentication:
2) Authenticator Apps: Next Best Option
An application that produces push notifications or codes which can then be used to unlock accounts.
3) SMS / Text Messages: Least Secure
Text messages that contain codes which can then be used to unlock accounts.
There are many free and secure authenticator apps, including ones made by Google and Microsoft. Authy is a secure authenticator that comes with many new features, including backups of codes, simple search functionality, and automatic logos for each imported account.
Some websites will only give an option for specific authentication apps, whether that is Authy, Google Authenticator, or Microsoft Authenticator. These instructions can be safely avoided; any of these authenticator apps will work for any website.
The rest of this guide is instructions on turning on 2FA on some of the most common accounts. Instructions for almost every account are available on the website twofactorauth.org or authy.com/guides/.
Below, this guide covers Gmail, Apple ID, Facebook, Twitter, and LinkedIn. These instructions are up-to-date as of October, 2020. The exact steps may change in the future - if so, please use either of the links above to contemporaneous guides.
Click any of the options above and Google will walk you through the process. Here are instructions for the authenticator app “Authy”.
Note: If you have a Mac and an iPhone you only need to turn on two factor authentication for Apple ID on one of these devices. Turning it on in one location turns it on in all locations.
These instructions are for the computer, but 2FA can also be set up through the phone.