Two Factor Authentication
Bad guys are after your data. You’ve probably already been the victim of a data breach. Your passwords are probably compromised. How can you possibly hope to keep your data to yourself?
Two-factor authentication can help.
What does that mean? Two-factor authentication (2FA) is what it sounds like, a second means of verifying that you are you. For our purposes, the first factor is your password – something you know, the second factor is something you have like a YubiKey, Google Titan, or authentication app.
I highly recommend using a product like a YubiKey or Google Titan, it makes the authentication process much faster, but you should also use an authenticator app on your mobile like Microsoft Authenticator – more on why I recommend this one later. When buying keys, you’ll want two or more (I have 5), one to keep on you, the other to keep in a secure location – in case one gets lost, stolen, or broken.
The most important account you can enable 2FA on is your email. Think about it, every time you click the “I forgot my password” link, the first thing most services do is send you a link in an email. If a bad guy gets access to your email, it’s game over, they have access to EVERYTHING linked to that email account. To enable 2FA on your email accounts here are some quick links to the major players:
Google/Gmail
Microsoft/Outlook/Hotmail
Yahoo!
AOL
If you use Facebook or Twitter to sign into other services you’ll want to enable 2FA on those accounts as well:
Facebook
Twitter
You can pick up a Yubikey or Google Titan here:
Google Titan
YubiKey
While there are other authentication apps, I prefer Microsoft Authenticator because it also offers a free password manager with sync so you can make all your passwords long, strong, and unique. The unique part is important, if one account does suffer a breach, they can’t use that password to try and log into any other accounts – this is critically important for services that don’t yet offer 2FA. Check out these 2FA apps:
Microsoft Authenticator
Google Authenticator
Twilio Authy
LastPass