Two-step authentication: a second, extra layer of security

Alyce KominetskyCybersecurity

An on-screen prompt asks for the username and password

An on-screen prompt asks for the username and passwordHacks and security breaches are on the rise. Cybersecurity experts are advising users to set up two-step authentication on all accounts. You really should turn it on to protect anything sensitive. (Well, maybe not that bum tooth you need to get fixed; that requires a good dentist.)

Two-step authentication is one of the best ways to prevent unauthorized access to your accounts, even if someone manages to steal your password. Read on to learn how it works.

Standard online security procedures typically require a username and password. This simple model makes it easy for hackers, cybercriminals and anyone with an ulterior purpose to access a user’s private data. These personal and financial details can then be used to commit identity theft and fraud.

Two-step authentication is an effective way to protect your accounts. As the name implies, it adds a second, extra layer of security. Before granting you access to your account, it requires not only a username and password, but also an additional piece of information—something that only you should know.

Verification code

A verification code is one of the most common methods of two-step authentication. The verification code, sent to you via text message after you correctly enter your password, is a series of numbers you’ll need to enter to get into your account.

You’re more secure if someone needs both your password and smartphone—with the verification code—to access your accounts. Plus, if you use a passcode to protect your phone, you’re safe from someone’s stealing both.

Of course, it goes without saying that, to receive the verification code, your device must be charged and operational. (I know, obvious, but they still put “Do not use while sleeping” warning labels on hairdryers, so…) You should also check with your mobile provider: not all services are free, and you could incur SMS charges for verification codes sent to your phone.

How to enable two-step authentication

Several online services, including Apple, Facebook, Twitter and Google, offer two-step authentication to protect users’ accounts. We won’t list every single service here. After all, we don’t want to break the Internet. Instead, check out this article that explains how to enable two-step authentication on everything.

By using more than simply username and passwords, two-step authentication can reduce the incidence of identity theft, Internet fraud and email phishing.

Why dance around the issue of keeping your accounts safe, praying that no one steals your all-too-simple passwords? Master the two-step instead—two-step authentication, that is.