Two-factor authentication, or TFA for short, is a fairly simple and straightforward process in principle. It essentially consists of two separate and distinct factors which you use to gain access into a restricted area such as a digital data lockup, an online account, an electronic device or even a physical space of some kind.
The different implementations of TFA vary enormously depending on which of the above scenarios this process is being used for. However, since we’re focusing here on purely digital protection oriented systems, we’ll simply explain that in their case, most of your TFA options will consist of mobile device based set-up options which ask you to hand over your mobile phone number so that session specific access keys can be sent to it every time you log into an online account of some kind.
These are the most practical and ideal systems you can apply to keep all of your online, mobile and hosted data safe from intruders and scumbag data thieves. They are a crucial part of the wider digital security subject we’ve covered before and on more than one occasion on this site.
Let’s get down to some practical applications across different platforms!
When it comes to email, your TFA options are surprisingly limited as far as major carriers like Hotmail or Yahoo are concerned. Instead, your best bet is to just go directly with Gmail and set up your principal email account through them unless you already happen to have one running.
Why? Because Gmail is the only one of the major email providers that’s bothered to implement a robust TFA option that you can quickly and easily set up, and then use across every single one of the platforms that Google offers.
In order to set up two factor protection with Gmail, you simply need to log into your account, click on your “account settings” tab (normally at the top right corner of the screen), click on “security” inside account settings and then click on “settings” for the “2 step verification” option that’s going to appear on the right hand side.
Here you’re going to be asked to hand over your mobile phone number, to which you will be sent a verification code. Once you receive this code, you can then log into the 2 step verification setup page that Google provides and set up your TFA protection step by step. Basically, it’s going to consist of registering your mobile number with Google so that they can send you unique access keys via SMS every time you try to log into your Google account from an unknown device.
Also, Google lets you set up and print out several emergency access codes for use in case you lose your mobile device.
To be clear, this exact same process applies to pretty much all Google services including Google+, Google Drive and Google’s advertising related accounts (Adwords, Adsense, Analytics, etc). Also, on a final note, if you want Google account based TFA that can be personalised and customised for more complex needs, Google also offers its Google Authenticator option.
Facebook offers TFA for their services, and with good reason since the massive social media platform is a frequent victim of major hack attempts. Thus, if you think your social media data and accounts are really worth protecting, setting up TFA in either of these services is easy and dependent on simply having a mobile phone.
In order to set up TFA for Facebook, which the company calls “Login Approval”, you need to click on your “Account Settings” tab in your Facebook account, move from there to the “security” tab on the left of the screen and once in “security”, click on “edit” for login approvals. Once you do this, you will see a new box pop up which explains how Login Approval works and offers to get you started on setting it up.
Essentially, you will be asked to give over your mobile number and enable Facebook to request approval (TFA) any time you try logging in from an non-trusted browser. Also, they give you a couple of different options for generating your access keys. One consists of getting them via SMS messages while another lets you automatically generate codes that expire every 30 seconds inside your phone’s Facebook app.
Cloud storage is becoming a major part of the online data users array of digital tools. More likely than not, you use it all the time as part of your personal or professional life. Because of this, because of all the valuable data that you’re probably storing and transmitting through the cloud, you really need to protect it with whatever TFA options are available.
With DropBox and Google Drive this is really easy to do. In the case of Google Drive, the process is pretty much the exact same as what we’ve already described above for Gmail, so simply repeat those same instructions.
In the case of the extremely popular DropBox, TFA is run by using the powerful Google Authenticator app, which we’ve already mentioned above, and can be enabled by logging into your DropBox account, clicking on your “Settings” tab and then clicking on the “security” tab.
Here you will be allowed to enable two step verification and once you’ve done so, DropBox will offer you the option of receiving codes via SMS message to your phone or simply generating them inside your device by installing the Google Authenticator app to your mobile OS and configuring it to your DropBox account by scanning a QR code that’s displayed under this option in your DropBox TFA settings page.
Web Hosting & Your Own Private Data Networks
When it comes to web hosting, your own computers or your own data networks, as a general rule, you’ll have to set up your own systems by buying and installing third party TFA platforms such as those offered by companies like Authentify and Duo Security. For the most part, these systems are easy to install, easy to learn and will also depend on you using your or your employees/partners’ mobile devices to create TFA access protection for your computers, digital databases and private networks.
In the case of basic hosting for your own web site, there is one interesting and very easy to use option available via the hosting service Dreamhost. What they do is offer a built-in TFA option that you can set up right inside the hosting Cpanel you’d have set up as a web hosting customer. It also runs off of Google Authenticator app, which Dreamhost itself integrated with the control panels their customers use to manage their own sites. This Dreamhost wiki page offers installation details.