Start using two-factor authentication right now to protect yourself from hackers

Here at CREDO, protecting your privacy is a core value of our company. Your personal data isn’t for sale, and we work to protect your data from government intrusion.

But your personal data is at risk in other ways. Hackers and scammers are always looking for new ways to access email, social media, bank and investment accounts and other sensitive data. In fact, reports of hacking rose substantially during the pandemic — up to 4,000 cyber attacks per day! — and last year, the Federal Trade Commission received 1.4 million reports of identity theft, twice as many as 2019.

One of the best ways to secure your most important accounts is by turning on two-factor authentication. It’s one extra, yet quick and easy step to ensure your accounts remain a little bit safer amidst the skyrocketing number of hacking attempts. Here’s how to set it up.

We should begin by emphasizing that while two-factor authentication is one of the best ways to secure your accounts, it’s not the only step you should take to protect your data from intrusion. 

In addition to keeping your computer, phone and other devices updated with the latest patches and system software, it’s extremely important to pick unique and complex passwords for your important accounts, like your primary email account, financial accounts, social media, data storage and the like. 

You should also consider using a password manager to securely store and retrieve your passwords. We’ve written a detailed blog post on how to get started with password managers.

We’ve also previously written a tip on how to protect yourself from common online and phone scams that may be worth checking out, too. 

What is two-factor authentication?

Also known as two-step verification or multi-factor authentication, two-factor authentication is a way of accessing your accounts using two separate steps to verify your identity. The first step is the one you’re most familiar with: A username and password combination. The second step requires a separate identifier, like your phone, an app, a physical key, or even a biometric, like a fingerprint. 

For example, to log into your email account with two-factor authentication turned on, you would first log in with your username and password. Then, depending on the method you’ve chosen, you may receive a text message, a pin number sent a secondary email account, or be required to enter a pin from a special app on your phone. Having this second step makes it much harder for hackers to access your personal information.

How to two-factor your accounts

Today, many common online services, like Google, Apple, Facebook, Twitter, as well as most financial institutions, have the option to turn on two-factor authentication. It’s possible that some of your online accounts, including accounts associated with your workplace or school, require it. It’s a good idea, if the service has the option, to turn it on. Using two-factor is usually a very quick and simple extra step, and many times, the app or website will remember the device you logged in from, so you will only have to perform the two-factor once per device login.

In terms of two-factor methods, a code sent by text or SMS message is the most common, but probably the least secure, since the messages are unlikely to be encrypted. Some services allow you to receive a code to your primary email address on file. Authenticator apps, which are more secure, are apps that you install on your smartphone and pair with your service by scanning a QR code (see our tip on scanning QR codes), that provide you with a disappearing pin number to use to verify your identity. Here’s more about authenticator apps and a list of the most popular ones.

One quick note: The drawback to using two factor authentication is that you must be in possession of your secondary method of verification, whether that’s your phone, tablet, app, or email address. If your account or service allows you to use a backup method to authenticate your identity (say, text message and email), turn more than one method on just in case you lose access to your primary devices.

How to turn on two-factor authentication for popular accounts and services

Here’s a quick reference guide with links to instructions for some common accounts and services so you can begin turning on two-factor authentication right now and protecting your accounts from hackers and other criminal activity. In addition to the services below, make sure to check with your financial institutions on turning on two-factor authentication for these important accounts, too.