Protect Your Account – Use Two-Factor Authentication

OK folks, this one feels like a “duh” type of post to me.

Years ago, when I was an angsty preteen experimenting with a new and wild internet, I used to send my friends an email like this:

Dear sir or madame,

Your account has been compromised. Please reply to this email with your password, and we will reset it for you.

Sincerely, your email provider

And yeah, it actually worked and I got people’s passwords, which I only used to ruin their StarCraft ladder ranking or other similarly dumb reasons. Easily. The scary thing is that phishing scams still work really, really well. Some are quite convincing, others are less sophisticated than my 1996 tomfoolery. No matter how smart you are or how complex your passwords are, there’s always a chance you’ll mess up and give your password to someone who shouldn’t have it. That’s why two-factor authentication is so important.

Two-factor authentication is a pretty simple concept. When you log into an account on a new phone, tablet, or computer, your account will send you a text (or email, or other form of communication) with a short “extra code” to enter. This helps prevent phishing scams from working: if a bad-guy has your account email and password, they can’t get in to anything unless they also have your phone! If you’ve already been compromised (i.e. someone already stole your info), setting this process up also usually logs you out everywhere else: any bad-guys lose access to your stuff immediately.

Now, you can set up two-factor authentication on any number of social accounts. I use it for Google (including Google Drive, because obviously nobody should see my tax records or videos of me trying to stand en pointe despite never taking ballet), Twitter, GitHub, and Facebook. It’s super easy and not-at-all hard to figure out on most platforms, but there’s no way I could give you an exhaustive list of instructions. We’ll start with Facebook, since it’s pretty ubiquitous.

On desktop:

  1. While logged into Facebook, click the little down arrow in the top-right corner of Facebook, then go into “settings”.
  2. Select the “Security” tab. (See image if you can’t find it.)
  3. Select the “Login Approvals” button. (See image if you can’t find it.)

    A screenshot of the Facebook settings page, with "Security" selected and surrounded with a red box, and "Login Approvals" surrounded in a purple box.

    This is where the clicking should be done. Red box around the first step, and purple box around the second.

  4. Select the checkbox for “Require a security code to access my account from unknown browsers”. A pop-up box explaining that you’ll need to set this up with your phone pops up. Have your phone ready, and follow the remaining prompts to set yourself up nice and pretty.

On mobile (I tested this on Android, and it might look different on iOS):

  1. Get to the settings page by clicking on the menu (it’s the three horizontal lines at the top-right corner of the Facebook app), and scrolling down until you see a grey button that says “Account Settings” next to it.
  2. At the top of the Settings menu, click the “Security” option (it has a cute little badge next to it).
  3. There’s an option for “Login Approvals On”. Select it, then follow the prompts to set it up (see image).

    A screenshot of the "Security Settings" screen on Facebook mobile, with a red box around "Login Approvals On" and the checkbox area filled in.

    Check that box right there.

That’s it! Two-factor authentication is ready to go! The first factor is your password, and the second factor is the text it’ll send you! Setting this up for Twitter, Google, and others is similarly easy. It’s a fantastic way to beef up your own personal security.

Now, there are additional authenticator apps you can use for further management, but that’s something you can discover yourself, or maybe it’ll be the subject of another blog post. I personally like Google Authenticator, it’s super convenient for times when I might not have text access (seems I work in basements a lot).

There you have it! We helped you beef up your security, now help us out by sharing this post! And don’t forget to give our tech company Operation Incredible a “like” on your newly-fortified Facebook account!

Like what you've learned?

Help us out by telling your friends!