Recently, an old friend that I haven’t heard from in years suddenly sent me a friend request through Facebook. What struck me as odd is that I already had the individual as a friend through social media. This led me to believe that their profile may have been hacked. Because here’s the thing. If they had enabled enhanced security on their social media, chances are this wouldn’t have happened.
Two-factor authentication (2FA) is a process that gives web services (including social media)
an extra layer of security.
So how do you set up Two-Factor Authentication on all your online accounts?
Open up WhatsApp, and find the Settings menu under the upper-right hamburger icon. Look under “Account” > “Two-step verification” > “Enable.” The app will ask you to enter a six-digit PIN to use as verification and optionally add an email address in case you forget your PIN.
Having an associated email with your WhatsApp account is important since the service won’t let you reverify yourself if you’ve used WhatsApp within the last seven days and have forgotten your PIN. So if you can’t wait a week to reverify for whatever reason, it’s helpful to have entered an email address so you can log yourself in or disable 2FA. In the same vein: be cautious of emails encouraging you to turn off 2FA if you didn’t request it yourself.
Log in to your Microsoft account and find the “Security settings” menu (there are several ways to get there; click on the link for the easiest). Look for the “Two-step verification” section and click on the setup link. You’ll be walked through the steps needed to use either the Microsoft Authenticator app or use a different authentication app. You’ll also be able to create passwords for apps that don’t accept 2FA.
The easiest way to turn 2FA on across your Google accounts (i.e., Gmail, YouTube, or Google Maps) is by heading over to the main 2FA landing page and clicking “Get Started.” You’ll be asked to log in then select your mobile device from a list. (If you have an iPhone, you may have to download a separate app.) Google will try to send a message to that phone; if it succeeds, you will be asked to enter a phone number; you can then choose whether you want to receive verification codes by text message or phone call. Again, Google will try out your chosen method.
After that, Google will first send prompts that allow you to simply click “Yes” or “No” when a login attempt occurs. If that doesn’t work, it will send the text message or phone call.
You can also generate backup codes for offline access. Google generates 10 at a time and they’re designed to be single-use, so once you’ve successfully used one, cross it out (assuming you’ve printed them out) as it will no longer work.
Instagram added 2FA to its mobile app in 2017, but now you can also activate it through the web.
To activate 2FA on your mobile app, head over to your profile and click the hamburger menu on the upper-right corner. Look for “Settings” > “Security,” where you’ll find a menu item for Two-Factor Authentication.
Here, you can choose between text message-based verification or a code sent to your authentication app.
To turn on 2FA using the web, log in and head to your profile. Next to your profile name and the Edit Profile button, there is a gear icon. Clicking this will pop open a settings menu, where you can find the same Privacy and Security section as on the app. From here, you can turn on 2FA and, just as in the app, choose your method for verification.
The way to access Facebook’s 2FA settings is a bit different on the app and the web (and Facebook tends to update both layouts often).
You can access your privacy settings on the mobile app on both iOS and Android by clicking the hamburger icon on the upper-right corner and scrolling down to the bottom to find the “Settings & Privacy” menu. Tap “Settings” > “Security and Login” and scroll down to “Use two-factor authentication.”
Like Instagram (they are part of the same company, after all), you can opt for a text message or an authentication app.
On the web, click the down arrow in the upper-right corner, and select “Settings & Privacy” > “Privacy Shortcuts.” Look for the “Account Security” heading and click on “Use two-factor authentication.”
Additionally, for apps that don’t support 2FA when logging in with a Facebook account (such as Xbox and Spotify), you can generate a unique password specifically associated with that account. From the original down arrow, select “Settings & Privacy” > “Settings” and then, from the menu on the left, “Security & Login” > “App passwords” (under the “Two-Factor Authorization” subhead). After resubmitting your Facebook password, you’ll be able to name the app, click generate, and save that password for the next time you have to log in.
On the Twitter mobile app, tap the three-line “hamburger” icon at the top left of the screen and find the “Settings and privacy” selection. Go to “Account” > “Security.” Click on “Two-factor authentication” and follow the directions.
On the web, click on “More” in the left-hand menu and find “Settings and privacy.” Click on “Security and account access” (or you can just follow this link). Select “Security” > “Two-factor authorization.”
Once you’re all set up, Twitter will either ask for verification through an authentication app, or you will text a code number to your phone number when you want to log in. Twitter has also added security key support.
As with other services mentioned above, you can generate a backup code to use when you’re traveling and will be without internet or cell service. You may also see an option to create a temporary app password that you can use to log in from other devices. This can be used to log in to third-party apps if you have them linked to your Twitter account. Note that the temporary password expires one hour after being generated.
Go to the Amazon homepage and log in. Hover over “Accounts & Lists” and click on “Account.” A box labeled “Login & security” will be at the top of the page; click on that and then click the Edit button on “Two-Step Verification (2SV) Settings.” (You may be asked to reenter your password first.)
Click Get Started, and Amazon will walk you through the process of registering your phone number, or you can opt to use your preferred authenticator app by syncing it through a QR code.
You can activate 2FA on both the Android and iOS Amazon app by tapping the hamburger menu on the left side and finding “Your Account” > “Login & security.” The same “Two-Step Verification (2SV) Settings” selection should be available for you to edit and toggle on 2FA.
Once your phone number or authenticator app has been verified, you can select trusted devices to bypass 2FA or generate a code to log in via a mobile app.