So you have a Google Account, a WordPress Account, a Facebook Account, a Twitter account… and you more than likely have used the same password or a password which is not all that secure. How can you prevent someone other than yourself from accessing your account? Its actually pretty easy…
Two factor authentication allows you to use an app on your smartphone, or to receive a phone call or SMS to confirm that it is you who is trying to log into your account. My favourite is the Google Authenticator app, it’s available for iOS, Android and Blackberry devices. There are other options, but Google’s allows you to scan QR codes to set up and it has a clean and simple interface. Once you try to log in you will be prompted to enter a code, open up the app and you will get a token (this is a randomly generated code) which you will need to enter to complete the log in process. Essentially like a Chip & Pin security device that you might get from your bank.
Your first step will be to download the app, you can get it from:
You will now need to enable 2-factor authentication on your account, the steps differ for each type, but here are the links that you will need to begin for the ones that I have mentioned above.
- Google – http://www.google.ca/landing/2step/
- Facebook – https://www.facebook.com/help/148233965247823
- WordPress – http://en.support.wordpress.com/security/two-step-authentication/
- Twitter (Need the Twitter App or SMS) – https://blog.twitter.com/2013/getting-started-with-login-verification
What’s the downside? Well if you don’t have your phone with you, or you lose your device you might not be able to access your accounts. To combat this, you get a set of ‘backup codes’ when you first set up your authentication. You should keep these in a safe place, a wallet, or in a safe… they really are your lifeline to your accounts, whilst this sounds scary, if you are smart it shouldn’t be a problem.
Also you can trust a device on most platforms for a set amount of time, and you can withdraw this permission, if for example the device was stolen, remotely.