The power of passwords on their own are proving to be outdated as time progresses as more data breaches occur across the web. The use of a strong password alone does not protect against the smartest cyber-criminals and there are numerous other risk factors and weak points of entry for them to exploit. Take the recent Hollywood nude photo leaks scandal that has affected celebrities like Jennifer Lawrence for example. This, however, does not completely discredit the use of a strong password, but is simply a call for a new approach.
This new approach, already employed by many service providers, is two-factor authentication. Two-factor authentication means that before you can access an account, you must login with both a password and a unique device code, which is usually sent via SMS or from an authenticator key. It requires both something you know, like your password, and something in your physical possession, like your phone. After you enter your password, you’ll get a second code sent to your phone, and only after you enter it will you get into your account. It’s a lot more secure than use of a password alone and offers an additional authentication layer to block hackers, since the vast majority of instances; they do not have physical access to your device.
Not all websites and services offer two-step verification but here’s a list of some of the most popular websites and services that do.
Authentication For Your Websites:
An important thing to note here is that securing access to your website and hosting provider’s backend is just one side of the coin as there are other external threats like SQL injections and distributed denial-of-service (DDoS) attacks that can completely take down your site making it completely inaccessible and halting your online business to a standstill. For these threats it’s important to use a cloud security provider which will be more capable at monitoring your web assets in real-time and mitigating DDoS attacks and other potent threats. Your standard hosting provider does not have the resources or skillset to mitigate all attacks, since that’s not their primary business.
WordPress –WordPress supports two-factor authentication via the Google Authenticator app for Android and iOS.
DreamHost – DreamHost also supports two-factor authentication via the Google Authenticator app for Android and iOS. You can enable it here, or check out DreamHost’s wiki for more information.
Amazon Web Services – Amazon’s S3 supports two-factor authentication via authenticator apps, like the Google Authenticator app for Android and iOS. It also supports Windows phone via the Authenticator app.
Fibernet – As an all-round web host and cloud service provider; they also facilitate two-factor authentication with their dedicated cloud server options and other premium services; and are working to integrate the option with all their services as more users are demanding the feature.
For Your Personal Accounts:
Apple – Apple’s two-factor authentication sends you a 4-digit code via text message or Find My iPhone notifications when you attempt to log in from a new machine. You can enable it here.
LastPass – LastPass organizes all your accounts and passwords in a centralized secure vault. This is one of the most important services to use with two factor authentication—since it stores all your other passwords. It uses the Google Authenticator app and can be enabled here.
Google Services / Gmail – Google’s two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new device, though it also works with the Google Authenticator app. You can save each new device for 30 days.
Facebook – Facebook’s “Login Approvals,” sends you a 6-digit code via text message when you attempt to log in from a new device. It also works with the Google Authenticator app, as well as the “Code Generator” feature of the Facebook app.
Twitter – Twitter sends you a 6-digit code via text message when you attempt to log in from a new device.
Dropbox – Dropbox’s two-factor authentication also sends a code via text message when you attempt to log in from a new device, though it also works with Google Authenticator and a few other similar authentication apps. Also, if you want another layer of extra security, you can encrypt the contents of your Dropbox and locally stored data with BitLocker.
Evernote – Free Evernote users will need to use an authenticator app, though premium users can also receive a code via text message to log into a new device.
PayPal – PayPal’s two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new device.
Microsoft Accounts – Microsoft’s two-factor authentication sends you a 7-digit code via text message or email when you attempt to log in, though it also works with a number of authenticator apps. You can enable it here.
Yahoo! Mail – Yahoo’s mail service has not stood very well throughout history against hackers but their two-factor authentication does offer a great deal of hope. They send you a 6-digit code via text message when you attempt to log in from a new device.
LinkedIn – LinkedIn’s two-factor authentication will also send you a 6-digit code via text message when you attempt to log in from an unknown device.
You need to spend time checking on every service you use to see if they support two-factor authentication since it’s one of the best methods for protecting access to accounts and keeping your data and finances safe; along with the use of secure codes and passwords.