Secure your online accounts with two factor authentication

Secure your online accounts  with two factor authentication

What do iTunes, Yahoo, Gmail, Outlook, Twitter, Facebook, Bank of America, Chase, Discover, eTrade, Vanguard, PayPal, eBay and Etsy have in common with thousands of other secured online services? They all offer their users a secure supplementary method to prevent illicit access to their online accounts, with a level of protection much greater than the traditional password.

Known as “two factor authentication,” it may increase the time necessary to log on to websites by a few seconds, but it also greatly reduces the risk of an unauthorized person gaining access to those sites, even if the users’ passwords have been compromised.

The two factor authentication process itself is very simple, takes a few seconds to set up once on each participating website visited, and then a few more seconds when actually implemented. The website offers simple but site specific instructions on how to implement Two Factor Authentication on hundreds of participating websites; generally it is as easy as checking a “Two Factor Authentication” or similar box on the target website’s user configuration or profile page, and then entering a preferred method of contact, preferably a mobile phone number. That website will now display a third line for a key code, following the traditional username and password boxes.

I have two factor authentication implemented on several of my most sensitive and personal Web accounts; if I access those websites from a computer, smart phone, or other device not previously recognized and confirmed as mine, the website will send a verification code as a text message to my phone. Even if I entered a valid username and password (which could have been stolen by a hacker or cracker, a hacker that breaks into computers for personal gain), the site will also require that the validation code sent to my phone also be entered in a finite number of seconds in order to access the account. Unless the cyber crook also has my smart phone, they will be unable to access my account even if they have my valid username and password. 

Many people are unaware that each device on the Internet has a unique code number attached to it, which is also sent to websites to help verify the source of an inquiry; if the website does not recognize the unique hardware code previously verified for my computer, smart phone, or tablet, it will demand that I also promptly enter the unique access code that the website sends to my phone. No code, no access. It is that simple.

While there are many sites that explain how to implement two factor authentication on their sites, and the process is inheritably simple, as well as similar on most participating sites, my personal favorite is still the directory at All of the information that anyone might need, including a 90-second video explaining the process, is available from the “Turn It On” site. If you are worried about someone accessing your accounts or hacking into your e-mail (and you should be!), you need to enable the two factor authentication offered for free by many of the websites that we access.

If offered by online services, such as your e-mail provider, and you do not implement two factor authentication (or some similar technology such as the uncommon digital dongles), please do not come running to me if your e-mail or other account is accessed by disreputable individuals. I would hate to say it, but I told you so.