These days, it’s not a matter of if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 295 sites comprising 5.3 billion accounts. This includes well-known names like LinkedIn, Adobe, and MySpace. Password breaches are a cause for embarrassment; they are talked about in hushed tones just like finding mice in your home or having your credit card declined. They don’t need to be, though; they are part of the online experience associated with a modern cyber life. Instead of being embarrassed, take steps to minimize the impact that a data breach has on your life. One of the best ways to do this is to enable two-factor (or multi-factor) authentication on the accounts that you use on a regular basis. Adding a second form of authentication (typically in the fashion of a code generated by or sent to a device you own) can ensure that no one accesses your accounts even if they have your passwords. Here you will find step-by-step instructions on how to configure two-factor authentication on some of Internet’s most popular websites.
- Log into Facebook and visit Settings.
- On the left hand side, select Security and Login and click Edit next to Use two-factor authentication.
- Set up the 2FA methods of your choice. I recommend Text Message and Authentication App, at a minimum.
- Visit your Google Account page and follow the Signing in to Google link.
- Select 2-Step Verification and follow the steps to enable Authenticator, SMS, or Google Prompt 2FA. Note that some applications may stop authenticating and require application specific “App Passwords.” You can read more about those here.
PayPal
- Log into PayPal and visit Settings.
- Click Security and look for the Edit link under Security key.
- Add your mobile number under Register a new mobile number.
Microsoft
- Log into your Microsoft Account and click Security.
- Follow the more security options
- At this point, you can turn on 2FA by clicking Set up two-step verification under Two-step verification. You can also set up an authenticator app like Google Authenticator or Microsoft Authenticator by clicking Set up identity verification app under Identity verification apps.
Apple
- Log into Apple ID and click Edit under Security.
- Follow the steps under TWO-FACTOR AUTHENTICATION to enable 2FA on your Apple Account.
- Log into LinkedIn and click Me and Settings & Privacy.
- Turn on two-step verification in order to enable SMS verification codes for future LinkedIn logins.
- Log in to Twitter and click on your avatar and Settings and privacy.
- Under Security, click to Set up login verification. Follow the prompts to enable 2FA on your Twitter account.
Enabling two-factor authentication is quick and painless in most cases, although it is recommended that you print out back-up codes from sites that support it. These codes can be a life saver when it comes to websites that use authenticator applications should you lose or damage your phone. Are there any websites that you’d like to enable two-factor authentication on that weren’t in the list above? Let us know in the comments below.
Zero Trust and the Seven Tenets
Understand the principles of Zero Trust in cybersecurity with Tripwire's detailed guide. Ideal for both newcomers and seasoned professionals, this resource provides a practical pathway to implementing Zero Trust, enhancing your organization's security posture in the ever-evolving digital landscape.