With news of stolen passwords making headlines on a regular basis, businesses and individuals often ask Soteria’s team what they can do to take control of their security online. In addition to using strong and unique passwords for every application, we recommend setting up two-factor authentication, as it is one of the most simple and cost-effective ways to “double down” on your security.

As the name would suggest, two-factor authentication (2FA) is the process of protecting an online account with two different layers of security.

The first layer is a piece of knowledge that you have [e.g. password, personal security question]

The second layer is a piece of equipment that you have [e.g. cell phone, YubiKey (key fob designed for user identification purposes)]

By combining these two layers of security, it becomes more challenging for criminals that have stolen your password to unlock your accounts. Having your password alone is useless without having access to your “second layer” of authentication as well.

Many popular websites and web applications now offer 2FA security settings. You can quickly and easily turn on 2FA by logging into your accounts, navigating to your account settings, and updating your security preferences — no technical expertise or credit card required. Once you have navigated to a website’s 2FA set-up screen, you will be prompted to input a valid cell phone number. Upon submitting your number, you will immediately receive a text message with a security code. Enter the security code online to complete set-up.

Below is a list of popular websites that currently offer two-factor authentication security options:

Google

Outlook

LinkedIn

Twitter

Facebook

Dropbox

And more!

Soteria recommends turning on 2FA for all personal and business-related accounts that offer this security setting and encouraging (or requiring) your employees to do the same.

Interested in knowing if your favorite site offers a 2FA security option? Check out TwoFactorAuth.org, a GitHub-sponsored website that curates a list of common websites and web apps that do — and do not — currently offer 2FA security.