Two-factor authentication, often shortened to 2FA and a form of multi-factor authentication (MFA), adds a second layer of protection to your accounts. Even if someone steals or guesses your password, they still cannot log in without the second factor. It is one of the most effective things you can do to protect your accounts.
How 2FA works
When you enable 2FA, logging in requires two things: something you know (your password) and something you have (a code from your phone or an authenticator app). With an authenticator app, the code changes every 30 seconds, so a stolen password alone is not enough to get in.
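To show why an authenticator app's code changes every 30 seconds, here is an added example (not part of the original article) of the standard time-based one-time password calculation (TOTP, RFC 6238) in Python, together with the check a service runs at login. The key is the published RFC test key and the function names are chosen for this illustration.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per code, the interval the article mentions
DIGITS = 6   # length of the code shown in the app

# Constructed sample: the published RFC 6238 test key, not a real account secret.
DEMO_SECRET = b"12345678901234567890"

def hotp(secret: bytes, counter: int) -> str:
    """HMAC the counter with the shared secret, then truncate to DIGITS digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def totp(secret: bytes, unix_time: int) -> str:
    """The counter is the number of 30-second steps since the Unix epoch."""
    return hotp(secret, unix_time // STEP)

def verify(secret, submitted, unix_time, last_counter=-1, window=1):
    """Service side: return the matched step counter, or None to reject.

    window allows one step of clock drift either way; last_counter is the
    step of the last accepted code, so the same code cannot be used twice.
    """
    now = unix_time // STEP
    matched = None
    for counter in range(max(0, now - window), now + window + 1):
        if counter <= last_counter:
            continue  # this step's code was already accepted once
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(hotp(secret, counter).encode(), submitted.encode()):
            matched = counter
    return matched

if __name__ == "__main__":
    code = totp(DEMO_SECRET, 59)
    print("code at 0:59 ->", code)
    print("code at 1:00 ->", totp(DEMO_SECRET, 60))  # next step, new code
    print("accepted 16 s later:", verify(DEMO_SECRET, code, 75))
    print("accepted 5 min later:", verify(DEMO_SECRET, code, 59 + 300))
    print("accepted a second time:", verify(DEMO_SECRET, code, 59, last_counter=1))
```

The app and the service both hold the same secret and the same clock, so they compute the same code without the code ever being sent to the phone.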
Types of 2FA
- Authenticator app: The most secure option. Apps like Google Authenticator, Microsoft Authenticator, or Authy generate time-based codes. Use this when available.
- SMS text message: A code is sent to your phone number. Better than nothing, but not as secure as an authenticator app since phone numbers can be hijacked.
- Hardware key: A physical device like a YubiKey. The most secure option for high-value accounts.
How to enable 2FA on common services
- Google: Go to your Google Account, then Security, then 2-Step Verification.
- Microsoft: Go to account.microsoft.com, then Security, then Advanced security options.
- Apple ID: Go to Settings on your iPhone, tap your name, then Password and Security, then Two-Factor Authentication.
- Facebook and Instagram: Go to Settings and Privacy, then Security and Login, then Two-Factor Authentication.
Start with your email account. It is used to reset passwords for all your other accounts, so it is the most important one to secure first.