Extra Sign-in Protection (2-Step)

Why Passwords Are Not Enough

Even a strong, unique password can be stolen through phishing, data breaches, or malware. Two-factor authentication (2FA) adds a second layer that stops attackers even if they have your password.

What Is Two-Factor Authentication?

Two-factor authentication requires two different types of proof to log in:

• Something you know: Your password
• Something you have: A phone, security key, or authenticator app

With 2FA enabled, an attacker who steals your password still cannot access your account without the second factor.

Types of Two-Factor Authentication

Authenticator Apps (Recommended)

Apps like Google Authenticator, Microsoft Authenticator, or Authy generate time-based codes:

• Codes change every 30 seconds
• Work offline without cell service
• More secure than SMS codes
• Free to use

Hardware Security Keys (Most Secure)

Physical devices like YubiKey provide the strongest protection:

• Immune to phishing attacks
• Cannot be intercepted remotely
• Work across many services
• Require physical access to use

SMS Codes (Better Than Nothing)

Codes sent via text message are better than no 2FA, but have weaknesses:

• Can be intercepted through SIM swapping attacks
• Require cell service
• Vulnerable if someone steals your phone

Use SMS 2FA if it is your only option, but switch to an authenticator app when possible.

How to Set Up 2FA

Most major services support 2FA. Here is the general process:

1. Go to your account security settings
2. Look for "Two-factor authentication" or "2-step verification"
3. Choose your preferred method (authenticator app recommended)
4. Scan the QR code with your authenticator app
5. Enter the code to confirm setup
6. Save your backup codes in a safe place

Important: Always save your backup codes. If you lose your phone, backup codes are the only way to regain access to your account.

Priority Accounts for 2FA

Enable 2FA on these accounts first:

• Email: Your email is the key to all other accounts (password resets)
• Banking and financial services: Protect your money
• Social media: Prevent impersonation and spam
• Cloud storage: Protect your files and photos
• Password manager: Protects all your other passwords

Recovery Options

Plan for what happens if you lose access to your second factor:

• Store backup codes securely (printed or in a password manager)
• Set up multiple authentication methods when available
• Keep your recovery email and phone number up to date
• Some services let you register multiple security keys

Passkeys: The Future of Authentication

Passkeys are a new technology that replaces passwords entirely:

• Use your fingerprint, face, or device PIN to log in
• Cannot be phished because they are tied to specific websites
• Sync across your devices automatically
• Supported by Apple, Google, Microsoft, and many major websites

When a service offers passkeys, consider using them instead of passwords.

Key Takeaways

• Enable 2FA on all important accounts
• Use authenticator apps or hardware keys over SMS when possible
• Save backup codes in a safe place
• Start with email, banking, and social media
• Consider passkeys when available