How to add an extra layer of security to your online accounts

Two-factor authentication adds a layer of protection to the standard password method of online identification. You simply add another identification feature alongside your password and it’s usually a phone number. It’s free and quick and easy to do. Critics point out that because you usually have to use your phone number it’s just one more bit of information you’re handing over to a third party. This is true, but as hacks and database breaches become increasingly common it’s also one of the most practical and simple protection options available.

If you have a PayPal account and ever take a peek into the dark web you might find yourself a little horrified. Alongside drugs, guns, credit and debit cards for sale you’ll often find PayPal accounts.
The prices vary according to how much is in the account. You have to pay a little more for a PayPal account with $10,000 in it than you would for an account with $2,000 or $5,000. Of course the sellers kindly offer a ‘How to’ guide too so buyers’ can quietly extract the money without the legitimate owner knowing anything about it.
But why are PayPal accounts so popular? Well, it’s not just PayPal but any account of value that is poorly protected. If a hacker gets an account address all they need to do is crack the password. Given that most people use simple passwords, using software specifically designed for password cracking is an easy task.
However, if you introduce two-factor authentication into your accounts it becomes much more difficult, by several orders of magnitude, to access the account. The password acts as the first line of defence – so toughen it up – and the second factor adds another barrier by introducing what is usually a phone number.

PayPal

  • To set up two-step verification for PayPal, first login to your account on the website. Click on your profile icon then Profile and then settings.
  • On the left side of the page, click My Settings and scroll to the bottom of the page.
  • Find Security Key and click on Get Started to the right. You'll have to enter your password again before continuing.
  • Your Security Key page will have a message that says there are no keys currently activated. 
  • Click on the Get Security Key link at the bottom of the page and follow the prompts.
  • You'll then need to enter a phone number. A confirmation code will then be sent to the phone number you specify via text.
  • The security key page will then list your phone number and every time you access your account you will need to enter your password and then phone number.

Facebook

  • Sign in to your Facebook account. Click the drop-down arrow in the top-right corner and choose Settings.
  • Select Security in the left pane, then click Edit to the right of Login Approvals.
  • Next, check ‘Require a security code to access my account from unknown browsers.’
  • A window opens explaining how log-in approvals work.
  • Follow the prompts, which include adding a phone number to your account and entering a confirmation code that will be sent to your number.
  • You can also take advantage of the code generator feature within Facebook's mobile applications.
  • The code generator is found within the app by sliding out the More menu and scrolling down to the Settings section.
  • There you will find a Code Generator option, which will display a six-digit code when launched.

Yahoo

Given that Yahoo recently set an unwanted record with 1 billion accounts being compromised, and you want to hold on to your Yahoo account, it’s more than a good idea to not only change your password but also enable two-factor authentication.
  • Yahoo's two-step verification can be setup by visiting your account settings page.
  • Click on Account Security on the left side of the page.
  • At the bottom of the list will be a switch to enable two-step verification. Sliding it to the On position will bring up a prompt asking you for your phone number.
  • Enter your number, then click either Send SMS or Call Me in order to receive a confirmation code.
  • Enter the code when you receive it, and you're done.

Dropbox

  • Log in to your Dropbox account from a Web browser, then open the menu in the top-right corner and head to Settings and then Security.
  • Click Enable next to the Status for Two-step verification. After entering your password, you'll be prompted to pick a method of receiving authentication codes in the future.
  • You'll need to choose between receiving codes via SMS or using an authenticator app. SMS only requires a phone number and you're set.
If you plan to use an authenticator app, follow these steps:
  • Scan the bar code with your authenticator app of choice.
  • Enter the six-digit code from SMS or the authenticator app into box on the website.
  • Dropbox will show you a 16-digit code to be used in case you lose your device. Keep this emergency backup code in a safe place.
  • Click Enable and you're all set.

LinkedIn

  • Open the top-right menu and click on Manage next to Privacy & Settings.
  • On the tabs along the bottom-left-hand side, click Account > Manage security settings (bottom of the left column).
  • Under Two-step verification for sign-in, click Turn On. Enter a reliable cell phone number and then click Send Code.
  • Enter the code you receive via SMS to log back in to the LinkedIn website.

Twitter

  • Setting up Twitter's two-factor authentication requires you to use a computer and visit your security settings page.
  • Tick the box next to ‘Send login verification requests to (my number).
  • If you don't already have a phone number attached to your account, follow the prompts to add one.
  • With the box is ticked you’ll receive a series of prompts letting you know that the service is about to be enabled, and that you need to connect your mobile phone number to your Twitter account.

Identity Protection

Two-factor security isn’t infallible – but it is a good step towards protecting against account compromises. A case in point is the 1 billion account Yahoo breach
If a Yahoo user had a strong password in place bolstered with two-factor authentication the likelihood of hackers being able to breach the account may have been severely diminished if Yahoo had encrypted the two-factor steps.
BullGuard Premium Protection offers the best safeguards against these types of account breaches. It includes identity theft protection that alerts you immediately if any of your personal details are discovered online.
For instance, when a company is breached, emails, passwords, bank details, card numbers and so on are typically sold on dark web forums and web sites. BPP trawls the internet 24/7 and using a special algorithm searches for the personal information you want to protect. It’s the best way of safeguarding your sensitive data because if it is stolen as soon as it appears for sale, or someone tries to use it, you know about it and can take steps to defend yourself against loss.

Written by Steve Bell

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.

More articles by Steve Bell

Leave a Reply

 

 

 

Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security

25%

Off

BullGuard
Internet Security

Buy now

Ranked #1 by industry experts

BullGuard Internet Security Cup

BullGuard
Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.