Cybersecurity Step-by-Step #11: 2-Factor Authentication

Print This Post | Published in: Cybersecurity Step-by-Step, Blog |

Your financial well-being is our highest priority, and one of our goals for 2018 has been to walk you through the necessary steps to protect your online data. To make it more manageable, we have been sending you one new action item every month. If you missed the previous steps, we have listed them below with a link to the detail so that you can easily catch up.

Step Eleven:  Try 2-Factor Authentication

Why? 2-Factor Authentication adds a very effective second layer of security to your online accounts. 2-Factor Authentication (known as 2FA) means that two steps are required to confirm your identity. The first step is to enter your username and password. The second step is to enter a code sent to your mobile device. (The second step can also be accomplished using email, secret questions, tokens, or verbal verification by phone.) When you use 2FA, you are protected even if your password is stolen because the password thief is unlikely to have access to the second step of the authentication. (Learn more about 2FA by watching this 2-minute YouTube video)

If you’ve never used 2-Factor Authentication, we strongly encourage you to give it a try. It sounds complicated, but it isn’t as difficult to use as it may sound. Once you’ve tried it, we believe you will be convinced that the added security is worth the small amount of hassle to set it up.

Where to begin? If you aren’t sure, start here:
1. Start with your email. Gmail, Microsoft Outlook and Yahoo all offer 2FA. These services allow you to set up 2FA to apply only when logging in from a new device, so you won’t have to type in the extra code if you are logging in from your home computer or mobile device. If you aren’t inclined to do it to protect yourself, do it to protect your loved ones! Remember that if your email gets hacked, the cybercriminals can read ALL the correspondence and gather information that others may have shared with you.

2. Bank accounts should be your next priority. After all, most cybercriminals are in it for the money. Most banks offer 2FA and will allow you to designate trusted devices so that you will only have to go through the steps when you log in from an unknown device.

3. Once you have an increased sense of confidence using 2FA, you can add 2FA to other accounts – including those held at Schwab. Consider using it with shopping accounts such as Amazon, eBay or Etsy. Go to to find a list of website services that offer 2FA.
Watch for our final cybersecurity step in December – everything you ever wanted to know about ransomware!

List of Previous Steps:

Step One: Place a freeze on your credit history at the top three credit agencies.
Step Two: Update the operating software on your computers, tablets, and smartphones, and continue to update as new patches become available.
Step Three: File your tax returns as early as possible.
Step Four: Use unique passwords on every site (and try a password manager).
Step Five: Never (ever) email sensitive information and always insist on encryption.
Step Six: Avoid using public WiFi networks.
Step Seven: Monitor your financial activity.
Step Eight:  Avoid Spear-Phishing Scams.
Step Nine: Open your online “my Social Security” account now.
Step Ten: Protect your digital legacy.

To review the previous steps, visit our blog.