Here are some of the best authenticator apps and options. It may take a moment to set up, but once you have 2FA enabled where it counts, you can rest easier.
IF YOU WANT to keep your online accounts safe, adding two-factor authentication (2FA) is the single most important step you can take. While no security measure is 100 percent hackproof, 2FA is going to go a long way to locking down access to your important accounts.
As the name suggests, 2FA adds another level of authentication to the login process. It means you need something besides your username and password to get into your account—and with swaths of login credentials regularly published online, it’s in your best interests to put that additional step in place.
We’ve discussed 2FA before, but there have been some useful updates since then. Here we’ll outline exactly what two-factor authentication is, how it works, and how you can set it up. It doesn’t take long to put 2FA in place, and the next time someone else tries to access your account with a stolen set of login details, you’ll be glad you did.
How Two-Factor Authentication Works
Logging into your accounts with an email address and password is fine, up to a point, but these details can get lost, stolen, guessed, or teased out of you with some clever social engineering. Two-factor authentication adds another access barrier for unauthorized visitors who have gotten hold of your primary login credentials.
Two-factor authentication—and the similar two-step authentication, which is sometimes treated as a different mechanism and sometimes not—means you need another bit of information besides your password and email address. Most commonly in most consumer apps, it’s either an SMS code sent to your phone, or a code generated by a dedicated authenticator app.
When you’re setting up 2FA, you’re asked to prove that you’re the owner of your phone and the associated cell number, and that gives you the authorization to generate and receive codes. Unless hackers get access to your phone as well your email address and password, they won’t be able to log in. 2FA codes are sometimes sent via email as well, and in some cases can be replaced by a physical object like a USB key, which you’ll need to get into your account (Google offers this as an option).
For most services and accounts, this extra code isn’t required every single time you open the app or site—that would get tedious very quickly. Instead, 2FA jumps into action when you try to log in on a new device that you haven’t used before or haven’t accessed in a long time, like a new phone or a laptop that hasn’t been associated with your account in the past.
An authenticator app is one of the best 2FA options, as there’s no way for shady characters to intercept the codes without physical access to your phone. (This is a risk with SMS and email.) You have a choice of apps, and the best support the most popular services: Authy is just about the best in the business, while Google and Microsoft offer very competent apps too. Some popular password management apps include an authenticator app, including Dashlane and LastPass.
We’re seeing a growing use of biometric information like a fingerprint or a face as that second authentication step, which should make two-factor authentication even more secure and convenient in the future, provided the technology continues to evolve. Adding 2FA is a quick and simple process most of the time, and there’s really no excuse not to set it up if you have the option—just remember that it should be used as part of overall good security hygiene, not in isolation.
How to Add Two-Factor Authentication to Your Accounts
Many apps and services offer 2FA now, especially those that store important and sensitive data: emails, financial information, files, social media, contact details, and so on. Most of the accounts that don’t have a 2FA option, such as Netflix, for example, aren’t at such high risk from attack—hackers usually aren’t so interested in binge-watching Netflix Originals and messing with your recommendations.
Every service uses 2FA slightly differently, but the option shouldn’t be too hard to find. For Google accounts (which cover Gmail, Google Drive, YouTube, and more), head to your Google account page on the web and then click on Security to find the two-factor option—as the second step of authentication, you can use an authenticator app, have prompts appear on your registered phone, or have SMS codes sent to your cell number.
In the case of Apple accounts, your best option is to use an iPhone or a Mac to switch 2FA on. On iOS, from Settings, tap on your name, then select Password & Security and Turn On Two-Factor Authentication. On macOS, you need to start from System Preferences and then choose Apple ID, Password & Security, and Turn On Two-Factor Authentication. Verification codes can be sent via SMS, and they will appear on other devices using the same Apple ID that you have previously registered with 2FA.