Use 2-Factor Authentication

google-2-factor-authentication-graphic

Use 2-Factor Authentication: a reader asks…

I’ve read about this two-step user authentication stuff, do you think I need to use this? I’m just a normal home computer user.

Short answer, yes. Need I say more? At this point in time, hackers and scammers have so far outstripped the industry’s paltry attempts at protecting us from them. So much so that every person using a computer or any other device connected to the internet needs to use 2-factor authentication everywhere possible.

It should go without saying that you should use strong passwords (more than 13 characters) and unique passwords (don’t reuse passwords). Unless required by someone else, it no longer matters so much that you use a combination of upper-case, lower-case, number and special character types. What matters most is that the password be as long as possible. I’m setting a good example (I hope) by using a minimum of 21 characters in all my passwords.

password-managers-logos

It should also go without saying that you need to use a password manager, like Lastpass, Dashlane, 1Password or really any other method. That’s because the requirement to use unique passwords means we ‘normal’ humans can’t remember all those passwords. The only people who wouldn’t need one are those with an eidetic memory.

Advertisement

If you’re using strong and unique passwords, why would you still need 2-factor authentication? Because even the strongest passwords can get hacked. Hackers and scammers are very creative at discovering and using new ‘social engineering’ methods to get you to give up your password(s). With 2-factor, even someone with your password can’t log into your account without having that second factor (e.g., usually a six-digit code that’s constantly changing) that’s in your possession. For more on what 2-factor authentication is and how it works, check out my article 3 things to know about 2-factor authentication.

login-username-and-password-image-from-shutterstock

Be aware that not all online entities use 2-factor authentication, implementing that is up to each organization. Most banks and financial institutions do support this capability, if yours doesn’t, you should register a suggestion (complaint?). And each organization is also in charge of things like password complexity – some still require those upper-case, lower-case and special characters.

There’s a handy resource to check if your financial institution (or any other online entity) offers 2-factor authentication: https://www.daito.io/2fa/. This is an easy way to check without having to navigate through each organization’s website (this feature is often not easy to find).

lastpass-icon

Wherever it’s available, you should use 2-factor authentication. My current favorite app is LastPass Authenticator (for Android or iPhone) (because I also use LastPass). There are other providers out there you could use, and you can use a smartphone app, a USB key or a key fob – there are lots of options to fit just about anybody’s needs.

So no more excuses, get 2-factor authentication set up and start using it!

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek
(@PosiTek)

Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net
(Support@PosiTek.net)

Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)
(using any credit card)

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

One Comment

  1. Pingback: MS Account Security - Practical Help for Your Digital Life®

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.