Multi-factor authentication (MFA) makes it much harder for a hacker to get access to your online stuff, and the most common form of consumer MFA is two-factor authentication (2FA). A very common form of 2FA is the debit card. One factor is the card itself, which contains magnetic identifying info (these days, a chip), and a PIN that you provide when you stick the thing in an ATM machine. It’s simple and fairly good at keeping others out of your ATM-accessible cash. 2FA is important for your online accounts, such as email and your iCloud accounts.
While I admit it can be a bit of a pain to have to do something additional to get into your account, it’s far less of a pain than having one’s identity stolen, losing access to your email, or answering to your friends who wonder why you have said such crazy things about them (unless, of course, you actually said those crazy things!). Or, heaven forfend, someone logging in as you on one of your gaming accounts.
Here’s how 2FA or two-step authentication works for a couple of different online account types. (Note, these services change things up from time to time, so it’s good to keep abreast of such changes.)
Setting up Google 2-Step verification
First you log in with user name and password (we’ll get to choosing smart passwords in Part 3) to your Gmail account. There should be an avatar in a circle near the upper-left hand corner of the window. Maybe it’s even a photo of you. Click on it and you’ll see “My Account.” (Incidentally, this changes every couple of years) On the new window that opens up, click on “Sign-in & security.” Click on “2-Step Verification,” then on “Get Started.” Time to enter your username and password again. Enter a phone number and click on whether you want to receive a text or a phone call. Then you magically get a text or phone call with a 6-digit verification code. Type it in and select the option to turn on 2-step verification. It’s that easy. Okay, it’s several steps, but not that hard.
It may be that you prefer to collect your Gmail with some other app, like Outlook, rather than using a browser to go to the Gmail page for your mail. If so, it may be that once you’ve turned on two-step verification, your Outlook (or other app) keeps telling you that you have the wrong password, even though you know darn well it’s right. This has happened to me. You probably need to have Google give you a specific app password that Google will generate for you. You’ll need to go to the App passwords page, which at the time of this writing is at https://security.google.com/settings/security/apppasswords.
Select the app you want it for (if Outlook, then you would select “Mail”), then the device you are using (Google magically presents a list of the devices you use with their services). Then select “Generate.” It will show you a 16-digit number in a yellow bar for you to use as your new password for that app (Outlook, eg) on that device (don’t enter the spaces). You can save that password in your app and you may need that number again in the future.
Yahoo! is similar: sign into your account, go to the account security page, click on “two-step verification,” and toggle the button there to turn it on. Select an option to get a text or a phone call for verification. Enter the code that comes to you via text or phone call. At this point, you can create an app password, similar to the Google process above for your various apps like Outlook or Apple (iOS) Mail.
Now, let’s set up 2FA on your iCloud account. First, you have to have a passcode set on your iPhone or iPad.
Click on the Settings app. If your device uses iOS 10.3.3, click on your name (or the name of the account you use to sign on), then on “Passwords & Security.” Did I mention that this will change as Apple keeps us on our toes by changing everything up once we’ve gotten comfortable with the previous version? In the most recent previous version, you would have clicked on Settings, and then on iCloud, then your name, then Password & Security. But I digress…
Now tap “Turn on two-factor authentication.” Be prepared to answer some security questions – which we’ll be discussing in a future article – and then enter the phone number where you want to receive the code for 2FA, and as previously, select whether you want a phone call or a text.
For a Mac, open System Preferences, and select iCloud, and then “Account Details.” You might have to login using your Apple credentials. As above, answer your security questions if it asks, enter the phone number where you want to receive calls or texts for verification. Once again, a magical robot instantly sends you the code and you have to enter that into the field that awaits your answer.
Once it’s turned on, you’ll get a message asking for approval if an unknown device or location signs onto your account. Note that on a Mac, that notification can sometimes be on a window that is hidden behind another, so look for that if you find you’re having troubles with getting the approval request.
Speaking of troubles, it seems like a lot of work to have two-factor authentication, but once it’s set up, it’s not too much of a pain and will add considerable safety to your accounts, as well as considerable barriers to potential hackers. So do it!
Next time, we’ll discuss passwords, passcodes, and why you shouldn’t fill out those fun questionnaires that all of your friends send you.