In its mobile app, Facebook built in a neat Code Generator feature that generates TOTP codes for your account, but you can use any old TOTP authenticator app if you're willing to subvert Facebook's setup process. If you're using Google's mobile authenticator app to manage two-factor authentication across multiple services, for example--which is a great idea--you can set it up to provide authenticator codes for your Facebook account too.
Simply start the Code Generator setup process--click the Set up Code Generator link under Login Approvals in your Facebook security settings--and when the time comes to open the Facebook mobile app, click the Having trouble? link. Facebook will ask you to click a big blue Get Key button and enter the provided 16-character key into your Facebook mobile app, but you can enter it into almost any authenticator app--including Google's--and it will still work.
Microsoft is finally catching up
Your Microsoft account covers your Outlook inbox, your Xbox Live profile, your Windows Phone, and more. Improve security across the board by switching on two-factor authentication in the security section of your Microsoft Account summary page. You can set it up so Microsoft will send security codes to either an alternate email address or your smartphone via SMS, unless you prefer to download an authenticator app that will generate security codes for you. Windows Phone users can download Microsoft's own authenticator app from the Windows Store, but everyone else can just use any authenticator app that supports the One-Time Password algorithm.
For simplicity's sake, I recommend using the aforementioned Google Authenticator app on iOS and Android. Use the app to scan the barcode that Microsoft provides you during the two-factor authentication process and it will generate codes for your Microsoft account as well.
And you don't need to stop there--I expect Twitter will have its two-factor authentication system in place before summer rolls around, and there are plenty of other sites and services that already offer similar security systems. Dropbox, LastPass, Box, and even Amazon Web Services support two-factor, as do many banking services. Locking these accounts up with two-factor authentication adds another layer of security to your digital life, one that can be unlocked only with the smartphone in your pocket.
Sign up for CIO Asia eNewsletters.