Two-factor authentication is one of the best things you can do to make sure your accounts don't get hacked. We've talked about it a bit before, but here's a list of all the popular services that offer it, and where you should go to turn it on right now.
What Is Two-Factor Authentication?
Passwords, unfortunately, aren't as secure as they used to be, and if someone gets your password, they can access your account with no problem. Two-factor authentication solves that problem.
Google's spam guru, Matt Cutts, put it best: two-factor authentication is a simple feature that asks for more than just your password. It requries both "something you know" (like a password) and "something you have" (like your phone). After you enter your password, you'll get a second code sent to your phone, and only after you enter it will you get into your account. Think of it as entering a PIN number, then getting a retina scan, like you see in every spy movie ever made. It's a lot more secure than a password that anyone can hack, and keeps unwanted snoopers out of your online accounts.
Where Can I Use It?
Unfortunately, you can't use two-factor authentication everywhere on the web just yet. But a lot of sites have recently implemented it, including many of our favorite services. Here are some services that support two-factor authentication, with instructions on how to enable it:
- Google/Gmail: Most of us store a lot of information in our Google accounts, and you'll definitely want to protect it by turning on two-factor authentication. You can learn how to do it here, or check out Google's official documentation for more info.
- LastPass: If you use LastPass to create, manage, and store your passwords for other sites (which we recommend you do), this is one of the most important services you should enable two-factor authentication for, since it stores your passwords for every other site on the net. It uses the Google Authenticator app for Android, iOS, and BlackBerry, and you can read up on how to enable it here. Alternatively, you can use one of these password management apps that sync them between computers with Dropbox (which also supports two-factor authentication, as described below).
- Facebook: Getting your Facebook account hijacked could be more than a little annoying, and their two-factor authentication is super easy to use. You can find instructions on how to do it here.
- Dropbox: Dropbox is useful for all sorts of things, not the least of which is storing your data and sending sensitive info across the internet. Do yourself a favor and enable two-factor authentication using these instructions. If you want another layer of extra security, you can do so by encrypting the contents of your Dropbox with TrueCrypt.
- Some Microsoft Products: Microsoft hasn't enabled two-factor authentication for Outlook yet, but some of its services—including Xbox Live, its Billing pages, and SkyDrive when you remote to another computer—require it by default. You can read more about it here. And, if you want better security for Outlook, know that Microsoft is currently working on a secure, easy way to strengthen your login.
- Yahoo! Mail: If you're a Yahoo user, you can enable their two-factor authentication for your mailbox.
- Amazon Web Services: If you use any of Amazon's web services, like Amazon S3 or Glacier storage, you can get the extra security of two-factor authentication via the Google Authenticator app for Android, iOS, and BlackBerry. It also supports Windows phone via the Authenticator app.
- WordPress: If you don't want anyone getting unauthorized access to your blog,WordPress also supports the Google Authenticator app for Android, iOS, and BlackBerry.
- DreamHost: If you host your own domain or web site on DreamHost—our favorite web hosting service—you can enable two-factor authentication with the Google Authenticator app for Android, iOS, and BlackBerry.
If you use any of these services, you should head over and enable two-factor authentication right now—it's one of the best ways to keep your data (and, in many cases, your money) safe. Of course, you should also make sure you use a unique, secure password for each of your accounts, so if you don't do that, now's a good time to change that.