U.S. Markets closed
  • S&P Futures

    4,533.25
    -42.50 (-0.93%)
     
  • Dow Futures

    34,559.00
    -63.00 (-0.18%)
     
  • Nasdaq Futures

    15,687.50
    -301.00 (-1.88%)
     
  • Russell 2000 Futures

    2,156.20
    -49.00 (-2.22%)
     
  • Crude Oil

    66.22
    -0.28 (-0.42%)
     
  • Gold

    1,782.10
    +21.40 (+1.22%)
     
  • Silver

    22.57
    +0.25 (+1.12%)
     
  • EUR/USD

    1.1317
    +0.0012 (+0.1019%)
     
  • 10-Yr Bond

    1.3430
    -0.1050 (-7.25%)
     
  • Vix

    30.67
    +2.72 (+9.73%)
     
  • GBP/USD

    1.3235
    -0.0067 (-0.5029%)
     
  • USD/JPY

    112.8000
    -0.4090 (-0.3613%)
     
  • BTC-USD

    49,215.42
    +112.01 (+0.23%)
     
  • CMC Crypto 200

    1,367.14
    -74.62 (-5.18%)
     
  • FTSE 100

    7,122.32
    -6.89 (-0.10%)
     
  • Nikkei 225

    28,029.57
    +276.20 (+1.00%)
     

A Cheat Sheet for Securing Your Accounts with Two-Step Verification

·Contributing Editor

I first switched on two-step verification for online banking and other cloud accounts two years ago, and while I can’t say I’ve slept better, I can say that any sleep deprivation has been a function of parenthood, work, or jet lag — not from worrying about somebody “pwning” my email.

Masked man at keyboard
Masked man at keyboard

(Thinkstock)

With two-step verification, your password is no longer your account’s last line of defense. Instead, you verify your login with a second bit of information, usually temporary, that only you should have at hand. 

That second bit can be a numeric passcode sent to you as a text message that expires after a brief period. It can be a number computed by an app on your phone while your mail service’s computers are generating the same number. It may be a request displayed in your copy of a service’s mobile app.

It can also be one of a set of backup codes you print out and stuff in another information-storage device you know how to keep safe: your wallet. Don’t forget to do that last step, lest you find yourself locked out of a site when you’re in an area with poor cell coverage and you can’t receive a text with a login code.

What can be less than obvious about two-step verification is how to turn it on. That’s because not every site makes it easy. Here’s a short list of banks, email services, social networks, and other sites that know how to perform the login two-step, along with instructions on how to do it:

• Ally Bank

• Bank of America

• Chase

• Yahoo

• Gmail

• Microsoft Outlook.com/Hotmail

• Apple iCloud

• Facebook

• Twitter

• Dropbox

• WordPress

For a comprehensive list of sites offering this feature — as well as those working on it and those without announced plans to do so — see Josh Davis’s directory here.

Email Rob at rob@robpegoraro.com; follow him on Twitter at @robpegoraro.