Safety & Security

All Aboard the Two-Factor Band Wagon

The scary-sounding, non-scary little security setting that helps protect your major online accounts from hackers: two-factor authentication. We introduced this concept last February, and since then Facebook, DropBox, and Yahoo! have joined Google in offering this extra security measure. One minute to turn it on is well worth it.

Think of these little speed-bumps in your digital life just as you do the locks on your home, your car, the locker at the gym. Not always convenient, but still a pretty good idea.

OK, here’s the deal. Two-factor authentication works like this:

There is no need to write anything down; each verification code is only good once. Typically you can choose to re-verify either every time you sign in or only when you sign in from an unrecognized computer or device. And they all provide a backup method for receiving codes, like via a voice message to your landline – if for example your mobile is lost or the battery is dead.

Facebook’s Login Approvals

We know you have a Facebook account, so let’s start there. Open it up and navigate to Account Settings -> Security. Then select “Login Approvals” and follow the instructions from there. It’s so simple, you don’t even need these step-by-step screen shots from Facebook, but just in case.

Yahoo’s Second Sign-In Verification

For Yahoo!, click here to begin setting up your second sign-in verification. (After logging in, if this link doesn’t take you directly to the second sign-in page, open Yahoo! and navigate to Account Info and find it under Sign-In and Security.) Follow instructions from there. I think you’re getting the hang of this!

Dropbox Two-Step Verification

For Dropbox, click here to begin setting up your two-step verification. (After logging in, if this link doesn’t take you directly to your Dropbox Security page, open Dropbox and navigate to Account -> Settings and then click on the Security tab.) Scroll down the page and enable “Two-step verification” under Account Sign in.

Google

Finally, let’s revisit Google if you haven’t already set this one up. Click here to turn on Google’s two step verification. (After logging in, if this link doesn’t take you directly to the right place, open Google and navigate to Account -> Security.)

2 Comments

  1. Terra

    09/05/2012 at 12:18 pm

    I use Two-Factor Authentication across a lot of my accounts. I feel a lot more secure when I can telesign into my account. If you have that option available to you use it, it is worth the time and effort to have the confidence that your account won’t get hacked and your personal information isn’t up for grabs. I’m hoping that more companies start to offer this awesome functionality. This should be a prerequisite to any system that wants to promote itself as being secure.

    1. Richard

      09/06/2012 at 12:12 am

      Thanks Terra for sharing your thoughts with us. You’ve done the right thing, and the more people that hear about it and how it really is easy to do, the less times we’ll have to read articles about how Linkedin or some other company has had millions of passwords stolen. Those passwords alone are not sufficient. And horror stories like the poor guy who had attackers rifling through all of his accounts by exploiting how Amazon and Apple perform forgotten-password-recovery would simply not happen.

      However its important to keep in mind that 2-factor auth is a mitigation – it is not an outright solution. Phones get stolen. Transmissions can be overhead. There are still more work to be done, just as bolting your front door and setting your alarm code is still not all you should be doing about physical security. There is always more we can do to improve our own personal security and that of those around us. Most importantly, always remain vigilant!

Leave a Reply to Richard Cancel