Two-factor authentication may not be as sexy as the latest Android phone, but the technology is capturing news headlines, and deservedly so. Last week, Microsoft began rolling out this security tool for its some 700 million Microsoft Account users. Tuesday Wired reported Twitter is working on two-factor authentication as well.
It's a security feature that could have stopped hackers at the gate before they seized control of the Associated Press Twitter account, and it's something you should be using to protect your own online accounts, wherever it's available.
So how does two-factor authentication work? In a nutshell, it requires not one but two pieces of privileged information before granting access to an online account.
Let's say you've already set up two-factor authentication for your Google account, and now a hacker halfway around the world is trying to break into your Gmail. He has your email address and even your password, but he doesn't have the second element of the authentication process. In the case of Google accounts, the second element is a unique security code that's sent directly to your cell phone via text messaging.
In essence, two-factor authentication requires something you've committed to memory (your password) and something you have in your pocket (your phone).
If two-factor authentication sounds like kind of a pain, well, it is. Turning on this feature is a really easy way to make life harder for yourself, as you'll need to spend extra time to prove your identity every time you log into a protected account from a new piece of hardware. Nonetheless, this level of authentication makes it much harder for hackers to seize control of your accounts.
Getting started also requires a little legwork on your part. Most major sites and services offer two-factor authentication as an optional security feature, so you need to log into your various accounts and dig around in the security settings to find it.
Google and Facebook have offered two-factor authentication as an optional security measure since 2011. Dropbox started offering it last year, and Apple iCloud got two-factor authentication in March. Microsoft is late to the party but now has it, and Twitter's version of the technology can't come soon enough.
For the sake of brevity I'm going to run down the two-factor set-up process for the Big Three social networks as well as my favorite remote storage services. But you should duplicate this process across every site and service you use that offers two-factor authentication. And if it seems like a lot of different systems to manage, don't worry--there's an app for that.
Start with Google
Google makes two-factor authentication simple enough, but it can be very frustrating to configure if you log into Google across multiple devices. To get started, log into your Google account and navigate to the Security section of your Account Settings page.
Sign up for CIO Asia eNewsletters.