Twitter Blue members (those willing to pay $8 per month on Android or $11 per month on iOS) will only be able to use SMS-based two-factor authentication, according to a recent announcement. To be honest, my initial reaction was as follows: equally well. Text messaging is not the best option if you want to use 2FA to protect your social media accounts or any other accounts. Using a hardware security key or an authenticator app from a third party is much better.
How do security keys work?
The most secure method of use is with security keys, such as those offered by Yubico. They are small enough to fit on a keychain and connect to your system via USB-A, USB-C, Lightning, or NFC (with the exception of Yubico’s YubiKey 5C Nano, which is so small that it is safer to keep it in your computer’s USB port). They employ a number of authentication methods, including OpenPGP 3, FIDO2, U2F, smart card, and OTP
Your browser challenges the security key whenever you connect a wireless security key to your computer or insert a security key into your computer. The challenge includes the domain name of the site you are trying to access (to prevent you from accidentally logging in to a phishing site). After that, the key cryptographically signs the challenge and allows it, allowing you to log in to the service.
U2F security keys are supported by a lot of websites, including Instagram, Google, Twitter, and Facebook. The best thing to do is check the website of your preferred security key to see which services are supported. Here is a link to YubiKeys-supported apps, for example.
How do authenticator apps work?
However, physical security keys are not the most convenient option, despite being the safest. Using an authentication app on your phone is the best option if you don’t want to carry a physical key around with you and risk losing it.
Apps for authentication generate unique numerical passcodes that change every minute. It will ask for your authenticator code each time you log in to your service or app; Simply launch the app to locate the randomly generated code necessary to bypass security.
Authy, Google Authenticator, and Microsoft Authenticator are some of the most well-liked choices. When you add a new account, most of these apps use the same process: A QR code that is linked to your account is scanned, and the information is saved in the app. It will ask you for a numerical code the next time you log in to your service or app; Simply launch the authenticator app to locate the random code needed to bypass security.
Here is how to set up two-factor authentication on some of the most popular online accounts. Some of them don’t let authenticator apps run; In that case, we list the options. You can directly go to this article if you just want to use an authenticator app for your Twitter account. It has all the steps you need, but just for convenience, we’ve included Twitter with the others.)
Note: The majority of the instructions below are for websites; If you are able to use a mobile app, instructions will also be provided for that.
Amazon Access your account by logging in.
Navigate to Account > Login & security by hovering over Accounts & Lists in the upper-right corner. You could also just click on this link.)
Click the Edit button after going to 2-step verification. You might have to enter your password again.)
When you click “Get Started,” Amazon will show you how to sync your preferred authenticator app by scanning a QR code and register it.
You can also register a phone number to use as a backup text 2FA if you so choose. You can also opt out of 2FA on specific devices through Amazon.
2FA can also be enabled in the Amazon apps for Android and iOS.
The person icon is at the bottom, second from the left. Tap it.
Go to Login and security under Your Account.
It should be possible to select two-step verification with the same Edit button.
Apple iOS and macOS: If you use any Apple devices, you can activate two-factor authentication with your Apple ID. You can do this on your mobile device or the web. Through Apple’s system, you also receive any verification codes; Here, there are no apps for third-party authentication.
Additional points to keep in mind, as described on Apple’s support page: If you turn on 2FA, you have two weeks to change your mind; after that, you can’t turn it off; it’s a done deal. When two-factor authentication (also known as 2FA) is implemented, each time you sign in with your Apple ID on a new device, you will receive a notification on a trusted device requesting your approval.
Last but not least, unless you sign out, change your password, or delete the device, you won’t need to use a verification code again after signing in with the code to a trusted device.
Finally, in order to set up 2FA, you will require a reliable phone number.
iOS: Navigate to Password & Security under Settings > [Your Name].
Follow the on-screen instructions after selecting Enable Two-Factor Authentication.
macOS Select System Settings (or System Preferences for older versions of macOS) from your Apple menu (the Apple icon in the upper-left corner), then click your name (or Apple ID).
Install two-factor authentication can be found in the Recommended section. To begin the process, go to the following page and click the Setup button next to the Authentication app.
Note: There is a section on the Security and login page that is devoted to two-factor authentication if you scroll down. It lets you set up Authorized logins, a list of devices for which you don’t have to deal with 2FA, in addition to offering Use two-factor authentication (which takes you to the same setup page as before).
Google 2FA can be easily enabled across all of your Google accounts, including Gmail, YouTube, and Google Maps.
Navigate to your Google account page online.
Follow the on-screen instructions by selecting Security > 2-Step Verification.
After that, whenever a login attempt is made, Google will first send you notifications to your phone that let you choose “Yes” or “No.” It will call or send a text message if that fails.
Google has its own two-factor authentication system, just like Apple does; however, in contrast to Apple, you can use an authenticator app as a backup in addition to text, backup codes, or a security key (either a physical key or your phone). The Google Smart Lock app must be installed on your iPhone.
Additionally, backup codes can be generated for offline access. Google generates ten codes at a time, and because they are meant to be used once, once you have used one of them, cross it out (assuming you printed them) because it will no longer work.
2FA was added to Instagram’s mobile app in 2017, but you can also activate it online.
Tap the icon for your profile in the lower-right corner of the mobile app, then select the hamburger menu in the upper-right corner.
Select Security under Settings.
Select the Two-factor Authentication option from the menu.
Click the button labeled “Start.” You can select one of the following: an app for authentication (Instagram will either select one that is already installed or recommend a download option); a login code can be generated using WhatsApp; or send a message via text.
On the internet, select the icon for your profile in the upper-right corner.
From the drop-down menu, select the settings cog.
You can enable 2FA from the standard Mastodon web app if you are a Twitter user who has switched to Mastodon or if you were the first Mastodon user. Note: 2FA might not be available because Mastodon’s features can change depending on which instance you’re using. Also, it probably won’t be available as a mobile app, but that could change.)
You can access your Preferences by clicking Preferences at the bottom of the right-hand main menu or by clicking the three dots opposite your personal icon.
Click Account > Two-factor Auth in the left menu.
Either a security key or an authenticator app can be enabled. Additionally, you can generate recovery codes to keep in case you misplace your phone.
Microsoft Windows Access the Security menu by logging into your Microsoft account. There are numerous means of getting there; For the easiest method, click on this link.)
Two-step verification should be located to the right of Security and Password Change in the main header. Go to the Additional security section further down if you don’t see it there. Click the setup link and look for two-step verification.
You will be shown how to use either the Microsoft Authenticator app or another type of authentication. Additionally, you will be able to create passwords for applications that do not accept 2FA.
Additionally, you can password-protect your account in the Additional security section; To put it another way, you would sign in using a security key, an SMS code, an authentication app, or Windows Hello.
Current Nest users will have used Google’s 2FA feature to log in to the app using their Google accounts (see above).
You are required to use 2FA if you have resisted migrating your existing Nest account to your Google account; in fact, you probably received an email about it as of May 2020. In the unlikely event that you have not switched yet:
Navigate to Settings > Account > Manage account > Account security from the homescreen.
Switch on the feature by selecting two-step verification.
Your phone number, password, and the verification code that will be sent to your phone will all be requested during a series of prompts.
Keep in mind that you will need to sign in again using two-step verification because all of your devices will be automatically signed out.
Use Family Accounts to create separate logins for each member of your family if they all have their own logins but have been using yours. Otherwise, the required code will be sent to your phone rather than theirs when they attempt to log in using two-step verification.
PayPal
