Two-Factor Authentication is easy, free, and will save your digital life

Older style 2FA security token

Years ago I was a business-to-business sales rep for AT&T. As part of my job, I carried three pieces of equipment: a Blackberry, a laptop, and a keychain with a constantly changing LCD display. I quickly learned that this keychain was used for two-factor authentication. It was the key to accessing everything I needed on AT&T’s corporate network.

In a corporate environment, it’s easy to see why this extra step was required. But it’s every bit as important in your personal life, too. Which would you rather do: spend weeks explaining to friends that your Facebook or email was hacked, or type a few extra characters when you log into your various accounts?

What is Two-Factor Authentication?

Two-factor authentication (or 2FA) adds one small, additional step to your login process. This step most often involves entering a temporary code next to your login field. Unless you are in physical possession of the specific piece of equipment that generates the code (usually your phone), you can’t gain access to online accounts. It may seem like an inconvenience, but having this set up means that your online accounts are safe–even if a phisher or hacker gets ahold of your password.

How Does Two-Factor Authentication Work?

Two-factor authentication applications (like Google Authenticator) work from a shared secret combined with the current time. When the system is first set up, the user’s 2FA application and the service the user is logging into agree on that secret; the algorithm that uses it is a published standard. As time passes, the algorithm generates a changing code that is displayed to the end user. The service computes the same code on its side. If the user tries to log in with an expired or incorrect code, access is denied. Most codes rotate every 30-60 seconds.

How Do I Use Two-Factor Authentication?

Screenshot from Google Authenticator

The way 2FA is used varies from provider to provider, but the two most common ways are via text message or with a dedicated phone app like Google Authenticator. If your bank or favorite social media has texted you a code to log in, you’re already familiar with how it works.

Setting up 2FA is simple, but varies from site to site. Some of the more popular ones are below. Click the name of the service to go to their specific instructions:

Facebook
Google (including Gmail)
Apple ID
Microsoft
Yahoo
Dropbox
PayPal (login required)

Hundreds more services offer 2FA–even small businesses and local companies. So if you’re not sure if it’s offered, just ask. (As a side note, we can even enable 2FA on a WordPress site.)

What happens if I lose my phone?

That’s the nightmare of the 21st century! Fortunately, there’s a provision for that. Many services that offer 2FA have an option for generating a list of one-time use codes. You may want to print them out and store them someplace safe–or even memorize one or two.

Two-factor authentication is one of the simplest and easiest ways to help secure your online life. There’s no reason not to set it up.