Skip to content

Trending tags

Two-factor authentication: what it is and how to enable it

Luciano Hernández

29.10.20 4 min. read

Two-factor authentication is a way to secure your online accounts from unauthorized access. It is also known as multifactor authentication, two-step verification, MFA and 2FA. When signing in with 2FA on, after entering your login credentials you need to verify with a second method it’s really you who’s signing in. This happens usually through a one-time passcode sent in a text message, biometric scan (fingerprint, face recognition), hardware key or an authentication app.

The goal of two-factor authentication is to make sure only you have access to a user account or certain information in case your password gets stolen or otherwise compromised.

Why protect your online accounts?

Many user accounts include sensitive personal information such as full name, home address, phone number, credit card details, etc. Online criminals go to great lengths to get this information. They can use it to make money. And guess who pays? Not the criminals.

Criminals can use stolen personal details for identity theft. For example, they can use stolen credit card details to buy goods or to take loans in the victim’s name. They can also extort the victim – or just use their Netflix account. Many criminals simply sell stolen information for others to use. There are multiple ways they can profit from stolen information. None of them are pleasant to the victim. This article tells more about why criminals want your personal details.

How two-factor authentication helps you protect your accounts

Often the only thing that protects your online accounts and the information within is a username and password combination. Criminals have their ways of stealing login credentials. You can protect yourself from viruses and malware that try to steal your info from your devices. But there are other threats. Every year hackers steal billions of user credentials from online services in data breaches. Unfortunately, there´s nothing you can do to prevent that.

What you can do, is make sure that hackers can’t log in to your accounts with just your password. That’s where two-factor authentication jumps in. When entering your login details, criminals would still need to get through a second barrier that is often accessible only to you. Even if your password gets stolen, your information is still safe. Hackers won’t be able to steal your credit card information or other sensitive stuff. At least not easily. Making things harder for them can make them search an easier target.

How to enable 2FA in popular online services

As said, criminals can use stolen information in different ways. Any online account that includes your personal details should be secured with 2FA when possible. Here are instructions on how to enable 2FA in popular online services.

How to enable 2FA on Facebook

Go to: Settings & Privacy -> Settings -> Security and Login -> Two-factor authentication -> Use two-factor authentication -> Edit

How to enable 2FA on Google

Go to: myaccount.google.com (or access your Google account through your Android device) -> Security -> 2-step verification -> Get started. When switched on, your Google account, Gmail and any other Google service are protected.

How to enable 2FA on Instagram

Go to: Settings -> Security -> Two-Factor Authentication -> Get started

How to enable 2FA on Twitter

Go to: Settings and Privacy -> Account -> Security -> Two-factor authentication

How to enable 2FA on Amazon

Go to: Your account -> Login & security -> Two-Step Verification (2SV) Settings -> Get Started

For any other service not listed above, you’ll find how to enable 2FA most likely from security or account settings. Not all services have the option to use 2FA, however.

What is the best two-factor authentication method?

First of all, any two-step verification method is better than none. Using SMS for two-step verification, however, can be risky. Hackers can redirect your phone number so that your one-time codes fall directly into their hands. They can also intercept your SMS messages. Therefore, it is safer to use an authenticator app. You can use for example Google Authenticator, Microsoft Authenticator or Authy.

For maximum security, combine two-factor authentication with strong and unique passwords

Keep in mind that 2-step verification isn’t an impassable barrier. Regardless of having 2-step verification or not, you should change a compromised password immediately. And this applies to all the accounts you are using that same password on. To maximize your protection, use strong and unique passwords on all your accounts. Top that with 2-step verification, and you have a good protection against account takeover and online identity theft.

Using unique and strong passwords, however, is difficult without a password manager. F-Secure ID PROTECTION lets you store all your passwords securely, create new ones, auto-fill them when needed and access them from all your devices. You can also set it to monitor your data online, so when a service you use gets breached, you will be alarmed. This way you can change your password before hackers have time to use it.

Luciano Hernández

29.10.20 4 min. read

Categories

Leave a comment

Oops! There was an error posting your comment. Please try again.

Thanks for participating! Your comment will appear once it's approved.

Posting comment...

Your email address will not be published. Required fields are marked *

Highlighted article

Related posts

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.