How to Keep Your Internet Accounts Safe from Harmful Hacking

Internet accounts are subject to hacking, putting your personal information at risk. I recommend using a password manager, as I write about here: How to Manage Your Passwords.

But sometimes passwords alone are not enough to prevent hacking.

There have been several high-profile breaches where personal information, including passwords, has been stolen. Yahoo, for example, and Google. So even if you use strong passwords and change them regularly, there are times when hackers could compromise your information.

Several online services are now offering 2-factor (or 2-step, or multi-factor) authentication (or verification). If you enable this optional step, then any new device cannot log into your account through a web interface without also entering a texted code.

Here are the popular services that offer this:

• • Google (called 2-step verification)

    • Go to Sign-in and Security and sign into your account. Turn on “2-Step Verification”.
    • If you use an application such as Outlook or Thunderbird to access your Gmail, you’ll have to generate an app password. See this article: Sign in Using App Passwords.

• • Apple (used to be 2-step verification, now 2-factor authentication)

    • On your iPhone, iPad, or iPod touch:
      • Go to Settings and tap on your name.
      • Tap Password & Security.
      • Tap Turn on Two-Factor Authentication.
    • On your Mac with OS X El Capitan or later:
      • Go to Apple menu > System Preferences > iCloud > Account Details.
      • Click Security.
      • Click Turn on Two-Factor Authentication.

• • Amazon (called 2-step verification)

    • Go to “Your Account” > “Login and Security Settings” > “Advanced Security Settings”.

• • Dropbox (called 2-step verification)

    • Go to http://www.dropbox.com and sign in.
    • Click on your name and select “Settings”.
    • Click on the Security tab.
    • Click to enable two-step verification.

• • Facebook (called “2-factor authentication”)

    • Go to Settings > Security and Login.
    • Click Edit next to “Login Approvals”.

• • Evernote (called 2-step verification)

    • Go to http://www.evernote.com and sign in.
    • Go to Settings > Security Summary.

• LastPass: (called multifactor authentication)

  • LastPass uses a mobile app to authenticate. Go to Account Settings at http://lastpass.com and then “Multifactor Options.” Click the pencil icon next to “LastPass Authenticator” and follow instructions.

So why not enable 2-factor authentication for all services?

It can be less convenient. If you have to log into a service from a different device – a new device, for example, or a friend’s computer, or a hotel’s computer – then you’ll have to have your cell phone with you and you’ll have to be able to receive a text. This could be a problem while traveling.

Be sure to read this article before traveling out of the country: Traveling with Two Factor.

SUBSCRIBE TO MY NEWSLETTER

Get the “Controlling the Chaos” Newsletter and receive a free PDF download
“Drowning in Email – A Lifeline for Communications Overload”