Use 2-Factor Authentication
Use 2-Factor Authentication: a reader asks…
I’ve read about this two-step user authentication stuff. Do you think I need to use this? I’m just a normal home computer user.
Short answer, yes. Need I say more? At this point in time, hackers and scammers have so far outstripped the industry’s paltry attempts at protecting us from them that every person using a computer or any other device connected to the internet needs to use 2-factor authentication everywhere possible.
It should go without saying that you should use strong passwords (more than 13 characters) and unique passwords (don’t reuse passwords). Unless required by someone else, it no longer matters so much that you use a combination of upper-case, lower-case, number and special character types. What matters most is that the password be as long as possible. I’m setting a good example (I hope) by using a minimum of 21 characters in all my passwords.
It should also go without saying that you need to use a password manager, like LastPass, Dashlane, 1Password or really any other. That’s because the requirement to use unique passwords means we ‘normal’ humans can’t remember all those passwords. The only people who wouldn’t need one are those with an eidetic memory.
If you’re using strong and unique passwords, why would you still need 2-factor authentication? Because even the strongest passwords can get hacked. Hackers and scammers are very creative at discovering and using new ‘social engineering’ methods to get you to give up your password(s). With 2-factor, even someone with your password can’t log into your account without also having the second factor that’s in your possession (usually a six-digit code that’s constantly changing). For more on what 2-factor authentication is and how it works, check out my article 3 things to know about 2-factor authentication.
Be aware that not all online entities use 2-factor authentication; implementing it is up to each organization. Most banks and financial institutions do support this capability. If yours doesn’t, you should register a suggestion (complaint?). Each organization is also in charge of things like password complexity – some still require those upper-case, lower-case and special characters.
There’s a handy resource to check if your financial institution (or any other online entity) offers 2-factor authentication: https://www.daito.io/2fa/. This is an easy way to check without having to navigate through each organization’s website (this feature is often not easy to find).
Wherever it’s available, you should use 2-factor authentication. My current favorite app is LastPass Authenticator (for Android or iPhone), because I also use LastPass. There are other providers out there you could use, and you can use a smartphone app, a USB key or a key fob – there are lots of options to fit just about anybody’s needs.
So no more excuses: get 2-factor authentication set up and start using it!