You can dramatically enhance the security of your most important online accounts – banks, social media, or professional – by turning on two factor authentication (2FA). It’s a really smart thing to do; and it’s really not smart to not do it. (Check out this article if you need an intro on 2FA).
But every site or service uses a slightly different method for enabling 2FA, so we’re here to give you a how-to that will eliminate another excuse for not doing it. Here’s a quick overview of setting up 2FA on some of the more popular sites around.
Sign in to your Amazon account, click Account & Lists at the top right and then go to Your Account > Login & Security Settings and click the Edit button for Advanced Security Settings. Click the yellow Get Started button and sign up to receive codes via SMS or an authenticator app. You’ll also need to add a backup phone number to reduce the odds of getting locked out of your account. For more, see this Amazon help page.
Apple (iCloud account)
From your iOS device, go to Settings > iCloud, sign in if you haven’t already and then tap on your Apple ID. From your Apple ID page, tap Password & Security and then tap Turn On Two-Factor Authentication. On a Mac, you can enable it by going to System Preferences > iCloud > Account Details > Security and clicking Turn On Two-Factor Authentication. For more, see this Apple Support page.
Click your name at top right in your Dropbox account and go to Settings > Security and you’ll see a status listed at the top of the page for Two-step verification. Next to the Disabled status, click the (click to enable) link and then click Get Started. You can then choose to get verification codes via text on your phone or an app like Google Authenticator. For more, see Dropbox’s instructions.
Click the triangle button at top right, go to Settings > Security and then click Edit to the right of Login Approvals. Next, click Enable next to where it says that Two-Factor Authentication is currently disabled. For more, see this Facebook help page.
Head to Google’s 2-Step Verification page, click the blue Get Started button and sign into your account. You can choose to receive codes via text or a voice call. You can also set up and print backup codes, add a backup phone number and set up Google’s Authenticator app. You can also sign up to use Google prompt, which sends a notification to your phone that you can simply tap instead of having to enter a code.
From the app, go to your profile page and tap the gear icon in the top-right to open the Options panel. Tap Two-Factor Authentication and then tap to toggle on Require Security Code. Instagram will then send you a six-digit code that you’ll need to enter to enable the feature. (If your account doesn’t have a confirmed phone number, then you’ll be asked to enter your number.) Instagram will also send you five backup codes to screenshot. For more, see this Instagram help page for account and notification settings.
Go to LinkedIn’s Security Settings page and click Add a phone number if you haven’t already done so for your account. With your phone number added, click Turn on next to where it saysTwo-step verification is turned off, enter your account password and then enter the verification code that LinkedIn sent to your phone.
Go to the Security settings page, sign in with your Microsoft account and click Set up two-step verification. You can choose to receive codes via email, text, or via the Microsoft Authenticator app. You’ll also need to create an app password to continue to use Microsoft devices and services that don’t support 2FA such as the Xbox 360 and Outlook.com email on an iPhone or Android phone.
Log in to your account and click the gear icon in the top right to enter your Settings. Click the Security tab and then Update next to Security Key. Enter your mobile phone number and then enter the verification code that PayPal sends you.
Sign in to your team and go to your Account page at my.slack.com/account/settings. Click the Expand button to the right of Two-Factor Authentication and then click Setup Two-Factor Authentication. You can sign up to receive code via SMS or an authentication app. You can also get backup codes to print out.
Open the app, swipe down to access your account, tap the gear icon to open Settings and then tap Login Verification. You can sign up to receive code via SMS or an authentication app and create recovery codes. For more, see this Snapchat Support page.
From the Twitter app, tap your profile icon and then tap the gear icon and tap Settings. Go to Account > Security and toggle on Login verification. You’ll get codes via SMS. You can then request a backup code, which you can screenshot to keep handy. For more, see this Twitter support page.
In your Yahoo Account, go to Account security and toggle on Two-step Verification. If you have Yahoo’s Account Key enabled, you’ll need to disable it. Account Key looks and smells like two-factor authentication but it is really only a single-factor; it lets you skip the first factor of entering your password and only enter a code sent to your phone. Yahoo’s two-step verification is the more secure option of the two. You can also create app specific passwords for any apps that don’t support 2FZ and use your Yahoo account.
If you use other website and services, check out the comprehensive AUTHY site for categorized lists of sites, services, and apps to see which support 2FA and which do not. Categories include banking, cloud computing, communication, email, health, social, and many more.
While 2FA does not guarantee you complete protection, it is considerably better than solely using passwords and passcodes. Enabling it on any secure account that you maintain is a critical step in taking ownership of your security and privacy.
Here’s our overview of 2FA
PC Mag gives an overview of two-factor authentication.
CNET ponders why more people don’t use 2FA