Nothing strikes more fear in the hearts of Internet users than the prospect of hackers stealing your passcode.
The impact can be devastating. Your email or social media accounts might be hacked, causing a world of embarrassment. Or, worse, someone can steal a passcode and gain access to your online bank accounts.
Lest we forget: Passcodes at work might be compromised too, allowing unauthorized access to proprietary business information of your employer, customers or clients. Bosses really, really don’t like that.
Companies that host your accounts, though, are sensitive to the need for ultimate security. Recently, Twitter joined Google, Facebook and others in providing two-step authentication to account holders.
No, we’re not talking about the country-western dance step. Two-step authentication is an extra layer of security designed to make it harder to access your account from another computer, even if someone has your password.
With two-step authentication, hackers need to know both your password and a verification code that is sent only to you via a separate communication, such as a text message.
Why two-step authentication?
Internet sites are adding this new security option for several reasons:
- Passwords are easy to guess.
- People tend to use the same password on multiple sites.
- Hackers are aggressively phishing, or stealing your information after you click on a link sent in a spam email or posted on a false social media site.
- Hackers are running scripts to guess passwords. (Don’t ask. Trust us: It can work.)
The damage can be more than an annoyance. In April, hackers got access to the Twitter account of the Associated Press, the worldwide news organization, and sent a false tweet stating that two explosions had rocked the White House and injured President Obama. Similar hacks happened to Jeep, Burger King, Donald Trump and several others.
How does two-step authentication work?
It’s going to vary from site to site, but two-step authentication essentially works this way:
- You sign up for two-step authentication.
- Your site sends you an authentication code, usually on your smartphone.
- You enter the code when accessing your account in addition to entering your password and user ID.
Instructions for two-step or “login” authentication are available:
- Twitter will send a text each time you log in.
- You may need to set up application-specific passwords on Google for applications not compatible with two-step authentication. Follow instructions carefully.
- You can “register” your computer, smartphone or tablet to your Facebook account so that you don’t see the challenge on future logins.
While you might think two-step authentication is just another bothersome Internet dance, it can provide extra security on your most sensitive online accounts.
— David Hejduk, Digital Marketing Manager