Are your e-mail and other online accounts as secure as they should be?
What is multifactor authentication?
Rather than relying on a password alone, multifactor authentication asks users to provide two forms of identification in order to log in. When you enable multifactor authentication, the website typically sends a passcode to your mobile device; you must enter that code, along with your password, in order to verify your identity. The code helps ensure that only you—and not an imposter who has stolen your login information—can sign in to your account.
Updating
your accounts
Here’s an overview of the multifactor
authentication features offered by several major websites. You can learn more
about each system and get specific instructions by visiting the sites.
- Gmail. When
you activate Gmail’s 2-Step Verification, you’ll be prompted to enter a six-digit code
that Gmail sends to your cell phone, as well as your username and
password, at login. You can elect to have the computer you’re using
remember the code for 30 days. (Whenever you use a different computer or
device, you’ll have to type in the code.) Once the 30 days are up, you
will receive a new code.
- Yahoo! Mail. Yahoo! Mail’s Second Sign-In Verification adds another layer of protection to your account
by authenticating suspicious login attempts. For instance, if you try to
sign in from a computer you don’t normally use, you’ll either have to
answer an account security question or enter a code sent to your mobile
device.
- Facebook. When
you enable Facebook’s Login Approvals, the site will ask you to enter a verification code if you try to
access your account from a new computer or mobile device. Once you log in,
you can save that computer or phone as a recognized device, so you won’t
have to enter a code the next time you log in.
- LinkedIn.
LinkedIn recently began offering Two-Step Verification, which requires you to enter a security code
sent to your phone when logging in from an unrecognized device for the
first time.
- Twitter. Another
newcomer to the multifactor authentication bandwagon, Twitter unveiled Login Verification this spring. When you enroll, the site will ask
you to enter a six-digit passcode sent to your phone each time you log in.
- PayPal/eBay. PayPal’s Security Key, which also works on eBay, protects your accounts by generating
temporary security codes that you use to log in. You can either register
your mobile phone to receive the security codes by text message or, for
$30, order a credit-card-sized hardware token that creates security codes
on the go.
- LastPass. If
you use LastPass to keep track of all your passwords, it’s especially
important to enable the Google Authenticator option to protect your account.
- Outlook/Hotmail. Microsoft is currently working on a multifactor authentication feature for Outlook/Hotmail accounts. In the meantime, it’s a good idea to request a single-use code when accessing your account from a public or shared computer.
Upgrade
your online security today!
Considering how easy these security
features are to activate, we encourage you to enable them as soon as possible for the sites you use.
Of course, multifactor authentication
doesn’t replace commonsense e-mail security practices—it’s still essential to
be proactive in protecting your cyber safety. Never open suspicious e-mails, and never provide personal information
online unless you’re sure of the recipient. If you haven’t updated your
passwords or password recovery options recently, take some time to do so.
As always, helping you keep your
sensitive information secure is one of our top priorities. If you have any
questions about the information presented here, please don’t hesitate to
contact our office.
