How to setup two-factor authentication on your online accounts
Stop security threats from accessing your accounts! Get a head start on setup two-factor authentication with this easy, step-by-step guide.
Table of Contents
What is Two-Factor Authentication (2FA)?
Two-factor authentication is a security feature that adds an extra layer of protection for your online accounts. When you set up two-factor authentication, any time someone attempts to log in to your account, they will need to provide not only their username and password but also a second piece of information, such as a code sent to their phone or email. This additional verification step helps prevent data breaches by making it much more difficult for unauthorized users to gain access to your accounts.
Instructions to Protect Your Online Accounts by setup Two-Factor Authentication
Just about any account you own on the internet is prone to being hacked. After numerous widespread breaches through the past few years, tech companies have been working together to develop a standard that would make passwords a thing of the past, replacing them with more secure methods like biometric or PIN-based logins that do not require transferring data over the internet.
But while those standards are still being adopted, the next best way to secure your accounts is two-factor authentication or 2FA. This a process that gives web services secondary access to the account owner (you) in order to verify a login attempt. Typically, this involves a phone number and/or email address. This is how it works: when you log in to a service, you use your mobile phone to verify your identity by either clicking on a texted/emailed link or typing in a number sent by an authenticator app.
What are Authenticator Apps?
Authenticator apps are considered more secure than texting. They also offer flexibility when you’re travelling to a place without cellular service. Popular options include Authy, Google Authenticator and Microsoft Authenticator. These apps mostly follow the same procedure when you’re adding a new account: you scan a QR code associated with your account, and it is saved in the app. The next time you log in to your service or app, it will ask for a numerical code; just open up the authenticator app to find the randomly generated code required to get past security.
While 2FA — via text, email, or an authenticator app — does not completely cloak you from potential hackers, it is an important step in preventing your account from being accessed by unauthorized users. Here’s how to enable 2FA on your accounts across the web. (We’ve listed the services in alphabetical order.)
Go to the Amazon homepage and log in. Hover over “Accounts & Lists” and click on “Account.” A box labelled “Login & security” will be at the top of the page, so click on that and then click the “Edit” button on “Two-Step Verification (2SV) Settings.” (You may be asked to reenter your password first.) You can also navigate directly to that page by following this link.
Click “Get Started” and Amazon will walk you through the process of registering your phone number, or you can opt to use your preferred authenticator app by syncing it through a QR code.
You can activate 2FA on both the Android and iOS Amazon app by tapping the three-line “hamburger” menu on the left side and finding “Your Account” > “Login & security.” The same “Two-Step Verification (2SV) Settings” selection should be available for you to edit and toggle on 2FA.
Once your phone number or authenticator app has been verified, you can select trusted devices to bypass 2FA or generate a code to log in via a mobile app.
The way to access Facebook’s 2FA settings is a bit different between the app and the web (and Facebook tends to update both layouts often).
On the mobile app, you can access your privacy settings by tapping the hamburger icon on the upper-right corner (Android) or the lower-right corner (iOS) and scrolling down to the bottom to find the “Settings & Privacy” menu. Tap “Settings” > “Security and Login” and select “Use two-factor authentication.”
You can opt for a text message, an authenticator app, or a security key.
On the web, click the down arrow in the upper-right corner, and select “Settings & Privacy” > “Privacy Shortcuts.” Look for the “Account Security” heading and click on “Use two-factor authentication.”
Additionally, for apps that don’t support 2FA when logging in with a Facebook account (such as Xbox and Spotify), you can generate a unique password specifically associated with that account. From the original down arrow, select “Settings & Privacy” > “Settings,” and then, from the menu on the left, “Security and Login” > “App passwords” (under the “Two-Factor Authentication” subhead). After resubmitting your Facebook password, you’ll be able to name the app, click generate, and save that password for the next time you have to log in. Under the same “Two-Factor Authorization” subhead, you can choose specific iterations of the app (say, on your laptop) where you can forgo the login code.
The easiest way to turn on 2FA across your Google accounts (e.g., Gmail, YouTube, or Google Maps) is by heading over to the main 2FA landing page and clicking “Get Started.” You’ll be asked to log in and then select your mobile device from a list. (If you have an iPhone, you may have to download a separate app.) If Google succeeds in sending a message to that phone, you will be asked to enter a phone number, and then you can choose whether you want to receive verification codes by text message or phone call. Again, Google will try out your chosen method.
After that, Google will first send prompts to your phone that allows you to simply select “Yes” or “No” when a login attempt occurs. If that doesn’t work, it will send a text message or phone call.
You can also generate backup codes for offline access. Google generates 10 codes at a time and they’re designed to be single-use, so once you’ve successfully used one, cross it out (assuming you’ve printed them), as it will no longer work.