Facebook, GMail, Twitter, Hackers, 2-Factor Authentication and You
Being the 2-factor security person that I am, I know many of you have probably read about Facebook, GMail, and Twitter passwords being hacked. Though you can’t do much about that (other than not have accounts with those services of course), there are steps you can take to keep those accounts secure even if someone else has your password. All that is required is that you have a mobile phone and that you set it up from your computer (I don’t know of a way to do this from the mobile side only).
Facebook:
Facebook users, to enable the 2-factor setting click on the lock icon and click on the link at the bottom that says “See more settings”.
Once there, click on the Security link 2nd from the top on the left.
Then click on Login Approvals.
There you will be given a checkbox to “Require a security code to access my account from unknown browsers”.
You can check that box and then choose which method you use to get your codes. I chose the code generator because that will work even if I only have access to WiFi, whereas receiving a text message may not. I would also at this time generate extra codes just in case you lose your phone. Save them in a place that will be easy to access, so you can get back to your account easily should you need to.
While you’re in the security section I would also suggest you check the active sessions and recognized devices. End activity on anything you don’t recognize. Lastly, setup your trusted contacts. Be sure to choose people who actually use Facebook regularly.
GMail:
GMail users who use their accounts on multiple devices may find this method a bit cumbersome, but it’s only cumbersome to setup. Once it’s done, you don’t have to make any changes unless you get a new device or wish to disable it.
Login to your GMail account and then find the cog icon under your picture on the upper righthand side of your screen and click settings.
Once there, click Accounts at the top and you will find security settings.
Clicking Account Recovery Options lets you set up your phone to use to recover your account should you forget your password or to challenge hackers. You can also add a recover email address as well as an alternate email address you can log in with. I would highly suggest doing both.
Clicking Other Google Account Settings will take you to a page that lists all of the settings for your Google identity. If you’ve never been here, I suggest you read it so that you understand more about the way Google views & uses your information. For our purposes today, click on Security from the menu on the left.
From there, scroll down to the bottom to find 2-Factor Authentication and turn it on.
After you set it up, you will want to create device / application specific passwords for your account so that you can log into your email through your phone, tablet, or other device that doesn’t use 2-factor authentication. You can click on the link visible in the screen shot above to get there.
Pro-Tip, you can use one generated password for all of your devices if you enter it into all of them at the same time. Caution though, if you do that and have to revoke it for some reason (you lose your phone), you’ll end up revoking it for all devices instead of just that one.
Twitter:
Login to Twitter and click the cog icon on the top right hand side of the nav bar.
Then select settings from the menu.
Then select Security and Privacy from the menu on the left.
Then select one of the two login verification options available.
Hopefully this was helpful to some of you. I know these settings can seem buried and intimidating if you’ve never used them before, but I suggest it is worth it to go through all of this trouble so that you don’t end up losing your digital life to someone else’s malicious activities.
