Alright welcome back to the 3rd in our Stay Smart Online series for Stay Smart Week 2019. Today I’m writing about multi-factor or 2 step authentication. This is sometimes abbreviated to 2FA (which does not mean what I first thought, when I saw those letters!)
Firstly, what is 2FA?
Essentially it means there are two checks in place to prove your identity. It can be something you know (like a password or passphrase) as well as something you have (like a mobile phone or security token).
You might be thinking that you’re too small to need 2FA but sadly that’s not the case. The Australian Small Business and Family Enterprise Ombudsman identifies that small business is the target of 43% of all cybercrimes. That’s huge! So let’s not become one of the statistics right?
Turn on 2FA wherever you can
The best thing is to turn on 2FA on every application that you use, and that offers it.
The Australian Cyber Security Centre offers step-by-step guides on how to set up 2FA for
And a simple Google search for “2FA [application name]” should give you steps on how to set up 2FA for other applications.
Get more protection for your Google account
One of the things I like about Google is how everything is tied together – once I log into my account I have access to lots of time saving options including auto-fill from my password manager. However that same flexibility means that if someone gets access to my Google account password, they’ve got access to everything.
To reduce the risk of that happening I’ve set up 2FA on my Google account using my phone as the second authentication device. Now, if I’m logging into another computer I need to not only enter my password, I need to have my phone handy to get the second tier of authentication completed.
Setting up Google security key on your phone
- Sign into your Google account on your
Android[as of 15 Jan 2020, iPhones can also be used as Google security keys] phone and turn on Bluetooth
- On your computer, navigate to myaccount.google.com/security
- Select 2-Step Verification
- Click “Add a security key”.
- Choose your phone from the list of available devices. If you don’t see your phone as an option then you may be using G Suite which doesn’t offer this feature. You can still set up 2FA verification though through slightly different means if you are using G Suite.
If you haven’t turned on 2-Step Verification then you’ll need to follow the bouncing ball to set that up. Make sure you’ve got your phone handy as a verification code will be sent to it during the set up process.
If you have turned on 2-Step Verification then you’ll see the following screen:
Click on Add and then on the arrow next to your phone’s details.
You’ll get an acknowledgement sent to your phone when it has been set up.
And then the next time you try to log into your Google account you’ll see this on your computer screen:
and get something like this on your phone