Twitter and LinkedIn recently introduced two-step verification for its users. Two step (also known as two-factor authentication) generally uses two of these three authentication factors to grant access to a system: something you know (e.g., a password), something you have (e.g., a cell phone), and something you are (e.g., a fingerprint).
The second layer of security can deter phishing and can also diminish the risk of having duplicate passwords (which can be used in conjunction with an email address to access other accounts). Remember LinkedIn’s data breach? DropBox? Yahoo? Twitter? Evernote? Last.fm? If you repeated your Twitter password on Facebook for example, a hacker could get access to your Facebook page armed only with your email address and password. Once your personal information has been compromised, it puts all of your accounts at risk.
With the addition of Twitter and LinkedIn, most of the major social networks offer opt-in two-step verification. You take your account security seriously, so why not just take two minutes right now and enable two-step security on all of these? Here’s how to do it:
Go to this page on Google: https://accounts.google.com/b/0/SmsAuthSettings
You’ll simply have to associate a phone with your account, then turn 2-step authentication on. Note that this turns on two-step authentication for the your profiles throughout the Google ecosystem.
Go to this page on Facebook: https://www.facebook.com/settings?tab=security§ion=approvals&view
Click the check box for: “Require a security code to access my account from unknown browsers” and you’ll be set.
Incidentally, I use Google Voice for texting. Google gets its phone numbers from Sprint, so if you set your Google Voice number up at as a Sprint phone, you can receive notification texts from Facebook despite the fact that they say they don’t support it.
Go to this page on Twitter: https://twitter.com/settings/account
Under “Account Security,” check the box next to “Require a verification code when I sign in.” Then save changes (at the bottom of the screen).
Go to this page on LinkedIn: https://www.linkedin.com/settings/security-v2
Opt to turn on two-step notifications. The page will prompt you to enter your cell phone number and then will confirm with a text.
And it’s THAT easy. While two-step authentication may be a little more hassle on the front end, knowing you’ve made your accounts less susceptible to maliciousness is well worth it.
Let me know what you think in the comments.