Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Online security: your two-factor authorization checklist

Ian Paul | April 25, 2013
As Twitter gets ready to roll out two-factor authentication into its service, here's a rundown of how other major online services use the security feature.

The problem with Google's two-factor authentication is that some programs--smartphone email clients that access Gmail, for example--don't work with it.

For these apps, you will have to use a randomly generated application-specific password instead of your regular password. These passwords bypass the need for two-factor authentication and can be revoked by you at any time. Application-specific passwords only have to be entered once per service and can be created by signing in to your Google account and clicking here.

Microsoft Account

Microsoft only added two-factor authentication to its online accounts earlier in April.

The easiest way to get started is to login to your account and visit an account management page.

Select Security Info from the left-hand navigation panel and click on Turn on Two-Step Verification toward the top of the page. Microsoft will then send an SMS to the phone number connected to your account with an approval code to begin using two-factor authentication.

As with Google, you can get your Microsoft login codes via SMS or you can authorize a two-step login smartphone application, including Google Authenticator.

Since we set-up Google Authenticator with our Google account, let's use it again for Microsoft.

Start on the Security Info page you were on before and under the Authenticator App heading click Set Up. You will then be shown a QR code that you scan and register with Google Authenticator. Next, you'll have to enter a logiin token generated by the app to make sure everything is working properly.

Two-factor authentication works with most Microsoft services including, SkyDrive, and Windows 8 PCs. Similar to other services, you can set devices as favorites so you don't have to use two-factor authentication every time you want to login to your PC. Some devices don't support the secure login method including the Xbox 360. To get around this Microsoft says will help you login to your machine with a unique app password instead.


Sign-in to your Dropbox account on the Web here and click on the Security tab. One of the first three options on this tab will be Two-Step Verification Disabled. Click on Change to enable Dropbox two-step authentication.

During the authorization process, you can choose to receive verification codes via SMS or you can authorize Google Authenticator to generate random login codes for you. Dropbox also supports other authenticator apps including AWS Virtual MFA, and Authenticator for Windows Phone.

For the most part, Dropbox's two-factor authentication is only used when you login to the service's website from an unknown machine. You will only have to authorize Dropbox desktop apps at installation or after setting up two-factor authentication.


Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.