Aol.|Mail|Click here to return to


Please turn on two-step authentication for your online accounts

No matter how strong your password, it's not foolproof and there are ways to get around it. Mat Honan, a journalist for Wired, had the unfortunate experience of finding this out firsthand when his iPhone and MacBook were broken into and wiped clean. By adding an extra security measure known as a two-step authentication system to his accounts, he could have saved his digital life.

What is it?
Two-step (or two-factor) authentication requires two pieces of information in order to access your account. The first being your password (provided you remember it), and the second is usually a code that is sent to your phone via text (some companies also have apps that generate personal codes every minute). Many companies, like LinkedIn, Google, Microsoft, Twitter, WordPress, Yahoo!, Blizzard, and Facebook have added this security option for users to take advantage of, and more companies are adding this extra measure as a feature every day.

There are ways for hackers to get your password no matter how strong it is, but an individual code that is created on the spot and sent to your phone? Not likely. Like any security measure though, there are ways around it, but the idea behind two-step authentication is to make it difficult for hackers to obtain your information -- it's a means to deter unwanted prying into your accounts.

Extra security measures (on top of two-step authentication)
People often daisy-chain their accounts and use the same username and/or email and passwords for all of them. While it's a pain to remember which goes with what account, taking a little time to write down all your different logins could save you some trouble down the line. First, keep a different password for different accounts. This way someone who figures out your email and password linked to one site can't hop over to your Gmail and try the same combination, allowing them access to where you bank (if you receive paperless statements), what you've purchased recently (if you have your receipts forwarded to that email), and so on. Second, use an email address that's not your full name. The first thing hackers look for are Firstname.Lastname accounts @ domain name dot com. So, instead opt for something that's still you, but professional (or totally crazy if you're not using it to interview for jobs).

Unfortunately, a recent study has shown that an overwhelming majority of Americans haven't bothered using two-factor authentication, despite consumers asking for increased security measures on websites. The reason why for 27% of those people was that "they found it inconvenient." Is it annoying to have to type in your password to Gmail, wait 3 seconds to get a text, and then log in again in order to see if that dress you ordered from Anthropologie has shipped yet? Absolutely. But those extra three seconds daily can save you from hours spent with customer service down the line.

Photo: Angel Arcones