Account Security: The 96% Solution

You don’t want your email account hacked. You don’t want anyone gaining access to your financial accounts. You don’t want someone else posting to your social media accounts.

But every week you hear about another ‘hack’ or ‘data breach’. So far you’ve only had to change a few passwords, but it feels like one day the cost is going to be *much* higher.

But it doesn’t have to be. There is an easy and proven way to protect your most important accounts, ensuring with nearly 100% confidence that nobody will get your money, your photos, or your identity. That solution is two-factor authorization.

Enter 2FA, a simple way to secure your accounts 

Two-factor authentication, or 2FA, is an extra step you go through to log into an account. Step one is your password. Step two – the second factor – is usually a text message (or some other option) that allows you to enter the account.

2FA is extremely effective in stopping hacks and automated attacks. According to a study from Google, even the mildest form of 2FA (SMS 2FA), blocked 100% of automated attacks, 96% of bulk phishing attacks, and 76% of targeted attacks.

That level of protection is even higher if you use their on-device prompt feature, where they ask a device that’s already registered if you’re trying to log in. Google also found that security keys, a small physical device that authenticates a log-in, blocks 100% of automated, bulk phishing, and targeted attacks.

Why it Works

2FA is effective because it renders the simple methods of hacking ineffective. Most hacks start with either automated attempts to guess passwords (or they try millions of the ones made available via data breaches), or with lists of passwords that were stolen from one account and then tried on other accounts. But if you have 2FA enabled on your important accounts, guessing your password doesn’t grant access, and even knowing your password doesn’t grant access.

When an account has 2FA enabled, mass attacks fail. And unless you’re of extreme importance, it’s unlikely a hacker is going to target you individually and do the very hard work necessary to breach your 2FA-protected account. They’d rather sit back and catch those without 2FA for them to keep themselves busy and successful.

Want to avoid account hacks and breaches? 2FA is a no-brainer. Here’s how to get started.

Enabling 2FA

We recommend enabling 2FA on your most important accounts first. These include your email, social media, file storage, and financial accounts – those where a takeover would cost a lot of money or distress.

Every account is different, but 2FA is usually found within the account’s privacy settings. Note that some call 2FA MFA, two-step sign-in, or some similar. Whatever it’s called, it still offers the same protection.

Some provide a choice of 2FA methods, including SMS, device prompt, authenticator apps, and keys. Most people should start with SMS 2FA or device-prompt. While the other options are more secure, they’re less convenient. We recommend the upgrade if you have a high risk of being targeted for an attack. 

If you want to upgrade, consider an authenticator app like Google Authenticator or Authy, or get a security key like Yubikey for the ultimate form of protection. But make sure the account you want to secure supports these forms of 2FA.

2FA is one of the most effective methods against hackers and we wholeheartedly recommend you start using it as soon as possible.

Show More
Back to top button