In 2021 remember that it is important to do everything possible to strengthen the security of your logins. Since most of our lives take place on our smartphones and personal computers, it's no surprise that our online accounts have become a target for hackers. Malicious attacks on governments, businesses, and individuals are becoming more frequent. And there is no indication that hacking, data leaks, and other methods of cybercrime are slowing down.
Fortunately, you can easily apply an additional layer of security to your online accounts by implementing two-factor authentication, also known as 2FA.
What is Two-factor Authentication?
Two-factor authentication (2FA), also known as two-step verification, is a security procedure where users have two separate authentication factors to validate their identity. This procedure is carried out to improve the security of both the user's credentials and the services that the user has access to. Two-factor authentication offers a higher degree of protection than single-factor authentication (SFA), which requires the user to have only one factor, usually a login password. Two-factor authentication mechanisms rely on a user having a password as well as a second factor, either a token or a biometric factor, to successfully login into their account.
Why are passwords historically bad?
The basic rule is that your password should be something that only you know, while being impossible for others to guess. And, although using passwords is preferable to no password at all, they are not impenetrable. This is why:
- Humans have terrible memories. The majority of passwords are ridiculously simple and embarrassingly easy. “111111,” “123456,” and “password” are among the worst. Although these are basic passwords, any competent hacker can break them in no time.
- When people get used to doing things online, they open an increasing number of accounts. This inevitably leads to an excessive number of passwords to recall, paving the way for a risky habit: reusing passwords. Hackers love password recycling. Hacking programs will test hundreds of compromised sign-in credentials against prominent online institutions and shopping sites, in seconds. If login information is reused, it is very possible that it will unlock a plethora of other lucrative accounts.
- Two words, security exhaustion. In order to protect their accounts, some users attempt to make it more difficult for hackers by generating more complex login credentials. However, with so many security breaches leaking user credentials on the dark web, many people just give up and revert to using poor passwords across all their accounts.
How to use two-factor authentication on your five main accounts
Paypal 2-step authentication
PayPal is a site dedicated to payment processing, and should be as secure as possible. After logging in, click your name in the upper-right corner to access your Profile Settings > Login and protection. Next to 2-step authentication, click "Set up." Choose whether to receive a text message or a code with an authenticator app or a security key. When you've done so, PayPal will give you the option of adding a backup to your account, such as a separate phone number or an authenticator app, for when you can't find your phone.
Apple iOS 2-step authentication
Go to the Manage Your Apple ID page and sign in to allow two-factor authentication. Click "Get Started..." under Security > Two-Factor Authentication.
You are then given instructions on how to set up 2FA for Apple on either iOS or macOS. It is no longer possible to do so with a browser on another operating system. On iOS, go to Settings > [your name] > Password & Security > Enable Two-Factor Authentication. On macOS, navigate to System Preferences > iCloud, sign in, and then press Account Details > Security > Enable Two-Factor Authentication.
Google 2-step authentication
With access to your credit card for Google Play purchases, confidential messages and records, smart home gadgets, and basically your whole life, a Google account must be well-protected. Fortunately, Google has been developing 2FA systems since 2010.
Google refers to its scheme as 2-Step Verification. It all boils down to identifying yourself via the phone. If you enter a password to access your Google account for almost every service and 2-Step Verification is activated, you have many options for obtaining the second step. The first of these is the Google Prompt. Simply connect your mobile to your account, make sure the Google search app is installed on the phone, and at login, you will go to the phone and simply acknowledge that you are the one logging in with a tap.
Amazon 2-Step authentication
Amazon added 2FA in 2015, and we would highly recommend using it since many sites use Amazon for payment. All of which are linked to your credit card.
Open Amazon.com on your personal computer, then choose Your Account from the Accounts & Lists drop-down menu. Select Login & Security. On the following tab, press the Edit button next to Two-Step Verification Settings. Scanning the QR code is the preferred option; phone number(s) is the backup method.
Whatsapp 2-step authentication
WhatsApp implemented end-to-end encryption as well as two-step authentication to keep eavesdroppers at bay, whether it's a hacker at home or an agent at the NSA, CIA, or FBI.
It is simple to set up: Go to Account > Settings > Two-step Verification. When you tap Enable, WhatsApp will prompt you to generate a six-digit PIN in order to register your phone number with WhatsApp. You'll also put in an email address in case you need to do a reset or switch off the authentication. If you later sign out or log in from a new account, WhatsApp will text you a code and require you to re-enter your PIN. You can change your PIN or email address at any time by going into the app.
While SMS-based 2FA is inexpensive, simple to set up, and considered user-friendly, it is still vulnerable to a variety of attacks. Identity hackers have robbed almost $12 billion in the last six years, and people are becoming more mindful of the dangers. It’s important for consumers to know what information is readily available about them online. Nuwber can help with this: enter your name on the website and it will provide you with all the publicly available data about you on the Internet. Hiding as much personal information on your accounts as possible will give hackers fewer possibilities to steal your identity, as well as fewer possibilities to guess your password.
Passwords as the primary form of authentication no longer have the protection that users want. Passwordless authentication solutions include biometrics and secure protocols. Stolen, recycled, and weak passwords continue to be a major source of security breaches. The positive news is that cyberterrorism is receiving so much attention that 2FA recognition is rapidly increasing, and users are increasing security on their accounts.