U.S. Markets closed
  • S&P Futures

    3,626.50
    -10.00 (-0.27%)
     
  • Dow Futures

    29,746.00
    -128.00 (-0.43%)
     
  • Nasdaq Futures

    12,269.75
    +12.25 (+0.10%)
     
  • Russell 2000 Futures

    1,843.70
    -9.30 (-0.50%)
     
  • Crude Oil

    45.10
    -0.43 (-0.94%)
     
  • Gold

    1,784.00
    -4.10 (-0.23%)
     
  • Silver

    22.43
    -0.21 (-0.92%)
     
  • EUR/USD

    1.1975
    +0.0004 (+0.0359%)
     
  • 10-Yr Bond

    0.8420
    -0.0360 (-4.10%)
     
  • Vix

    20.84
    -0.41 (-1.93%)
     
  • GBP/USD

    1.3339
    +0.0025 (+0.1841%)
     
  • USD/JPY

    103.8780
    -0.2070 (-0.1989%)
     
  • BTC-USD

    18,394.23
    +42.78 (+0.23%)
     
  • CMC Crypto 200

    363.44
    +25.94 (+7.69%)
     
  • FTSE 100

    6,367.58
    +4.65 (+0.07%)
     
  • Nikkei 225

    26,645.14
    +0.43 (+0.00%)
     

A Cheat Sheet for Securing Your Accounts with Two-Step Verification

Rob Pegoraro
·Contributing Editor

I first switched on two-step verification for online banking and other cloud accounts two years ago, and while I can’t say I’ve slept better, I can say that any sleep deprivation has been a function of parenthood, work, or jet lag — not from worrying about somebody “pwning” my email.

Masked man at keyboard
Masked man at keyboard

(Thinkstock)

With two-step verification, your password is no longer your account’s last line of defense. Instead, you verify your login with a second bit of information, usually temporary, that only you should have at hand. 

That second bit can be a numeric passcode sent to you as a text message that expires after a brief period. It can be a number computed by an app on your phone while your mail service’s computers are generating the same number. It may be a request displayed in your copy of a service’s mobile app.

It can also be one of a set of backup codes you print out and stuff in another information-storage device you know how to keep safe: your wallet. Don’t forget to do that last step, lest you find yourself locked out of a site when you’re in an area with poor cell coverage and you can’t receive a text with a login code.

What can be less than obvious about two-step verification is how to turn it on. That’s because not every site makes it easy. Here’s a short list of banks, email services, social networks, and other sites that know how to perform the login two-step, along with instructions on how to do it:

• Ally Bank

• Bank of America

• Chase

• Yahoo

• Gmail

• Microsoft Outlook.com/Hotmail

• Apple iCloud

• Facebook

• Twitter

• Dropbox

• WordPress

For a comprehensive list of sites offering this feature — as well as those working on it and those without announced plans to do so — see Josh Davis’s directory here.

Email Rob at rob@robpegoraro.com; follow him on Twitter at @robpegoraro.