Logins that require only a password are not secure. What if someone gets your password? They can log in, and the site won’t know it’s not you.
Think nobody could guess your 15-character password of mumbo-jumbo? It’s still possible: A keylogger or visual hacker could obtain it while you’re sitting there sipping your 700-calorie latte as you use your laptop. Or, you can be tricked—via a phishing e-mail—into giving out your super strong password. The simple username/password combination is extremely vulnerable to a litany of attacks.
What a crook can’t possibly do, however, is log into one of your accounts using YOUR phone (unless he steals it, of course). And why would he need your phone? Because your account requires two-factor authentication: your password and then verification of a one-time passcode that the site sends to your phone.
Two-factor authentication also prevents someone from getting into your account from a device other than the one that you’ve set up the two-factor with.
You may already have accounts that enable two-factor authentication; just activate it and you’ve just beefed up your account security.
- Its two-factor is called login approvals; enable it in the security section.
- You can use a smartphone application to create authentication codes offline.
Apple
- Its two-factor works only with SMS and Find my iPhone; activate it in the password and security section.
- Apple’s two-factor is available only in the U.S., Australia, New Zealand and the U.K.
- Twitter’s two-factor is called login verification.
- Enabling it is easy.
- Requires a dependable phone
- Google’s two-factor is called 2-step verification.
- It can be configured for multiple Google accounts.
Dropbox
- Activating two-factor here is easy; go to the security section.
- SMS authentication plus other authentication apps are supported.
Microsoft
- Enable it in the security info section
- Works with other authentication apps.
Additionally, check to see if any other accounts you have offer two-factor, such as your bank (though most banks still do not offer this as described above, but do provide a variation of two factor).
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention. Disclosures.
Comments