What you need: Google Authenticator, Bitwarden
Time required: 30 minutes
You’d never have just one key for your house. Common sense dictates you’d get at least two of them cut and keep them in separate places. But how many of us follow this advice when it comes to the digital keys that secure our online accounts?
I’m as bad as anyone. I’ve set up two-factor authentication (2FA) on 29 online accounts and they’re all tied to a single code generator that lives on my phone. If I lose my phone, I might find myself permanently locked out of accounts. Here, I’ll work through solutions to avoid this disaster, but first let’s examine the difference between two-factor authentication and passwords.
In general, passwords are getting less effective. Sometimes that’s because we choose easy-to-guess logins. Occasionally, a hacker gets lucky. And every now and then, a data breach reveals even the most secure credentials. Each scenario puts your data at risk.
Enabling two-factor authentication is one way to significantly reduce that risk. Sometimes abbreviated to 2FA or MFA (for multi-factor authentication), it supplements your password with a series of ever-changing codes. Only if you can enter the correct code at the correct time – as well as your password – will you be granted access.
Some services, like online banks, will request the code every time you log in. Others, like an online office suite (such as OneDrive, pictured above) or email account, might only ask the first time you log in from a new browser or device. In the latter instance, you can usually tell the service to ‘trust’ the browser/device you’ve just authorised.