Why you should turn on two-factor authentication

For today’s Works for Me Wednesday I am sharing one of my most basic pieces of computer security advice: Enable two-factor authentication (a.k.a. two-step verification) on every account you can. Two-factor authentication is a simple way to prevent someone else from getting access to your accounts. I’ve written about this before (including here, here, and here), but my last post about it was over a year ago. With Amazon recently joining the list of websites offering this important security option, it’s a good time for a reminder.

What is two-factor authentication or two-step verification?

Caution Two-Steps Sign Over Lock
Photo credit: Leo Reynolds via Foter.com / CC BY-NC-SA

Two-factor authentication is a method of logging in to a website using two types of information instead of just a password. This is important because even using strong passwords doesn’t help if a site’s password file gets stolen or your password can be reset with answers to security questions that can be easily be found or guessed. Requiring two-steps to the log in process makes it more difficult for someone else to hijack your account.

The most typical form of two-factor authentication for websites is to text a code to your cell phone that must be entered in addition to the password. Other forms of two-factor authentication include the use of a security token or verifying via a phone call.

But isn’t entering an extra code a big pain? Do I have to do it every time I log in?

Most websites allow you to remember trusted devices. That means you typically only have to enter a code once on your usual computer, iPad, or other device unless you want the added security of requiring the code all the time. This means that after the initial set up, you will only have to enter the code if you log in somewhere new. Wouldn’t losing access to your email, social media, banking, or other accounts be more of a pain than entering a few codes?

So, if I use two-factor authentication my account can’t be hacked?

No security mechanism is perfect. Two-factor authentication has weaknesses. Most notably, if someone has your phone requiring a code that is sent to that phone won’t help. Still, two-factor authentication will provide much better protection for accounts than a password alone, which is why I highly recommend enabling it on every site that offers it.

What websites support two-factor authentication?

Luckily the list of websites that support two-factor authentication is growing. Below are some popular websites that offer two-step verification. Click on the links for instructions about how to activate this security setting for each site. If you don’t see a site you use on the list, check your account security settings for two-factor or two-step options or send a message to their support asking if they support two-factor authentication.

Banking sites are definitely important accounts for which you want to activate two-factor authentication if available, but not all banks offer it. Check with your bank to see if they have a two-step verification option.

Losing access to your online accounts can result in loss of money, loss of privacy, identity theft, embarrassment, and loss of information you care about like your address book and pictures. Two-factor authentication is a simple thing you can do to give better potential to your personal information. It only takes a few minutes. Set it up now.


Get notified of new posts by email. Type your email address in the box and click the “create subscription” button. My list is completely spam free, and you can opt out at any time.

You can also find Kim Z. Dale on TwitterFacebook, and Google+ .

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.