Any account you own on the internet is prone to hacking – and one of the easiest ways to add an extra security layer is to activate two-factor authentication. Also known as two-step verification or 2FA, the process provides web services with a secondary access to the account owner (you!) To verify a login attempt. Usually this involves the phone number and / or email address.
Although 2FA does not fully download you from potential hackers, it is an important step to prevent your account from being opened by unauthorized users. Here's how to enable 2FA on your accounts across the web.
Editor's note, January 23: If you have a Nest camera, you may want to activate 2FA directly. There has been a new series of "hacks" where existing, compromised passwords are reused to scare Nest Cam owners and so we are reliving this today with instructions on how to do so. Note that other brands of cameras do not currently support 2FA.
2FA is currently offered to Apple users on iOS 9 or Mac OS X El Capitan or later. We do not make the rules!
The steps are a little different depending on how updated your iOS software is. For those who use iOS 10.3 or later, you can enable 2FA on your Apple ID by going to "Settings"> [Your Name]> "Password and Security." You can enable 2FA to get a text message with a code each time you log
Those who use iOS 10.2 or earlier are the settings under "iCloud"> "Apple ID"> "Password and Security."
Click the Apple icon at the top left of your Click "System Settings"> "ICloud"> "Account Details." (You can shorten this step a little by typing iCloud on Spotlight.) Click on "Security" and you will see the option to activate 2FA on.
The rest of the steps, from either iOS or Mac, are the same. You can choose Apple to send a six-digit verification code via a text message or a phone call.
Although you can access Instagram from a web browser, you can only activate 2FA from their mobile app. Cross your profile and click the hamburger menu in the upper right corner. During the Account section you should see "Two Factor Authentication". Change "Require Security Code" to receive an SMS with a login code to your account phone number each time you log in.
Under the hamburger menu on mobile apps or the upper right side of a browser, click "Settings"> "Security and login" or go to https: // www. facebook.com/ settings? tab = security. Under the "Use two-factor authentication" section, you will be able to register your phone number to get a code every time you log in, or have Facebook send a push message to your phone to approve or deny the login attempt.  Here you can also set up a security key to log in via USB or NFC or before generating a recovery code if you travel abroad where you have no cell service.
If you prefer not to use 2FA every time you log in from the same device (say your personal laptop or phone), you can also set up your trusted devices under the "Authorized Logins" menu. This allows you to access the bypass 2FA for devices currently logged into your Facebook account.
On either the Twitter mobile app or the browser version, click on your profile avatar and find the "Settings and Privacy" menu. Under "Account"> "Security" (or https://twitter.com/settings/account as a shortcut), you can switch to "Sign In Verification" to make Twitter text your phone number a code to log in.
Just like other services mentioned above, you can generate a security code to use when traveling and will be without internet or cell service or create a temporary app password that you can use to log in from other devices. The temporary password expires one hour after it has been generated.
Visit the Amazon homepage and sign in. From your account homepage, find "Login and security" and click the edit button on "Advanced security settings." configure, click "Get started" and Amazon will walk you by registering your phone number, or you can choose to use your desired authentication app by synchronizing it through a QR code.
Once verified, you can choose trusted devices to bypass 2FA or create a code to log in via a mobile app.
The easiest way to enable 2FA over your Google Account (ie Gmail, YouTube, or Google Maps) goes to the 2FA main page and clicks "Get Started". You will be asked to log in and enter a phone number before choosing to receive verification codes via SMS or phone call. Like Facebook, you can also choose to use "prompts" that let you click "Yes" or "No" when a login attempt occurs or create a security key with a USB memory stick.
Here you can also generate backup codes for offline access. Google generates 10 at a time, and they are designed to be single, so once you've used one, cross it out because it no longer works.
From the app's main page, press the gear icon and look for "My account" followed by "Login verification." Select SMS to get a code every time you log in. When 2FA is enabled In your Snapchat account, you can add trusted devices or request a recovery code for when you plan to be somewhere without mobile service.
To activate 2FA, you must open the Account Settings page from either 1) click on your username in the upper left corner to open a drop-down menu> "Profile and Account"> click the gear icon, 2) click on your own username from the chat window and select "Open account settings" or 3) on the way to my.slack.com/account/settings. The second option under your username should be to enable 2FA.
From here, if you have multiple email addresses, you may need to choose a default before continuing to choose whether you want to receive a password via SMS or via an authentication app. More at the bottom of this post. Once you have verified your account with a six-digit code, 2FA is activated.
Log in to your Microsoft account and find the "Security settings" menu. Choose to set 2FA and you will go through the steps with your phone number in the same way as the process outlined for all other services above. Because when you lack cell service, click on "App password" to create a unique one-time username to log in.
From your Dropbox website on the web, click on your profile avatar and find "Settings"> "Security." Scroll down a bit to find "2-step verification" – there it will tell the status of your 2FA. Click to activate to activate the function and enter your phone number to verify.
Open WhatsApp and find the setup menu. Look under "Account"> "Two-step verification" and press activate. You can enter your phone number just like anything else on this list, or choose to enter your email as an alternative location to receive the verification code.
Having an associated email with your WhatsApp account is important because the service will not let you confirm if you last used WhatsApp within seven days and forgot your PIN. So, if you can't wait a week to confirm whatever reason (lost phone, can't remember your PIN), it's good to have an email to sign in or deactivate 2FA. Likewise: Be careful with emails that encourage you to turn off 2FA if you didn't request it yourself.
On the main instrument, click on the gear icon and find "Profile and settings." PayPal does not express the function as "Two Factor Authentication" so you need to look for "Security Key". Click here to set what is basically your 2FA by entering your phone number, verifying with the SMS code and continuing as usual.
If you lose your phone, change numbers or decide to revoke access rights, return to this menu in the same steps as described earlier to make adjustments.
Given some of the hacking horrors that have hit the news lately, it's a good idea to add two-step verification to your Nest smart home system.
Nest first suggests that you have the latest version of the app on all your devices. Then go to Settings / Account / Manage Account / Account Security on the home screen and select two-step verification. Switch the switch to On. A set of instructions will ask you about your password, phone number, and verification code that will be sent to your phone.
Keep in mind that all your devices will automatically be logged out, so you will need to log in again using two-step verification.
Another advice: If not all your family members have their own logins, but have used yours, it is a good idea to set them up with separate family account logins. Otherwise, when trying to log in with two-step verification, the necessary code is sent to your phone, not theirs.
For all other things not listed here, we recommend that you use authentication apps to keep track of verification codes so that you can have them sent to you without the need for mobile services – useful for traveling abroad and having Internet access only. Popular options are Authy, Google Authenticator or HDE OTP (iOS only). These apps mostly follow the same procedure when you add a new account: scan a QR code associated with your account and save it in the app. The next time you need to log in, just open your app to find the six-digit code needed to get over security.
These extra steps are good for adding a security layer to all your accounts, but remember that you should change and update your passwords regularly even with 2FA enabled to just stay in top shape.
Update January 23, 2019 12:15 ET: Originally published June 19, 2017 at 8:29 pm EDT. Updated to include smart home protection.