How to avoid being hacked: two-factor authentication

Multi-factor authentication (MFA) makes it much more difficult for a hacker to gain access to your stuff online, and the most common form of consumer MFA is two-factor authentication (2FA). A very common form of 2FA is the debit card. One factor is the card itself, which contains magnetic identification information (a chip these days), and the other is a PIN that you provide when you put the thing in an ATM. It’s simple and pretty good at keeping others away from the cash you can reach at ATMs. 2FA is important for your online accounts, like your email and iCloud accounts.

While I admit it can be a bit of a pain having to do something extra to get into your account, it’s a lot less painful than having your identity stolen, losing access to your email, or answering to your friends who wonder why you’ve said such crazy things about them (unless, of course, you actually said those crazy things). Or, heaven forbid, having someone log in as you to one of your gaming accounts.

This is how two-factor authentication or 2FA works for a couple of different types of online accounts. (Note that these services change things from time to time, so it’s good to stay on top of any such changes.)

Setting up Google’s two-step verification

First, you sign in to your Gmail account with your username and password (in Part 3, we’ll choose smart passwords). There should be an avatar in a circle near the top left corner of the window. Maybe it’s even a picture of you. Click on it and you will see “My Account”. (By the way, this changes every two years.) In the new window that opens, click “Login and security”. Click “2-Step Verification” and then “Get Started.” It’s time to enter your username and password again. Enter a phone number and choose whether you want to receive a text message or a phone call. Then, magically, you receive a text or phone call with a 6-digit verification code. Write it down and select the option to activate two-step verification. It is easy. Okay, it’s several steps, but not that difficult.

It may be that you prefer to collect your Gmail with some other application, such as Outlook, instead of using a browser to go to the Gmail page for your mail. If so, it’s possible that once you’ve turned on 2-Step Verification, your Outlook (or other app) keeps telling you that you have the wrong password, even though you know very well it’s correct. This has happened to me. You probably need an app-specific password, which Google will generate for you. You’ll need to go to the app passwords page, which at the time of writing is located here.

Select the app you want it for (if Outlook, then you’d select “Mail”), then the device you’re using (Google magically presents a list of the devices you use with its services). Then select “Generate”. It will show you a 16-digit number in a yellow bar to use as your new password for that app (Outlook, for example) on that device (don’t enter any spaces). You can save that password in your app and you may need that number again in the future.

Yahoo!

Yahoo! is similar: log in to your account, go to the account security page, click “2-step verification” and toggle the button there to turn it on. Select an option to receive a text message or phone call for verification. Enter the code that comes to you by text message or phone call. At this point, you can create an app password, similar to Google’s process above, for apps like Outlook or Apple (iOS) Mail.

iCloud

Now, let’s set up 2FA on your iCloud account. First, you need to have a passcode set on your iPhone or iPad.

Click on the Settings app. If your device is running iOS 10.3.3, click your name (or the name of the account you use to sign in), then “Password & Security.” Did I mention this will change as Apple keeps us on our toes by changing everything once we get comfortable with the old version? In the most recent older version, you would have clicked Settings, then iCloud, then your name, then Password & Security. But I digress…

Now tap on “Turn on two-factor authentication”. Get ready to answer a few security questions, which we’ll discuss in a future article, and then enter the phone number where you want to receive the code for 2FA and, as before, select whether you want a phone call or a text message.

Macintosh

For a Mac, open System Preferences, select iCloud, then “Account Details.” You may need to sign in with your Apple credentials. As above, answer your security questions if prompted, enter the phone number where you want to receive calls or texts for verification. Once again, a magical robot instantly sends you the code and you must enter it in the field that awaits your response.

Once activated, you will receive a message asking for your approval if an unknown device or location logs into your account. Note that on a Mac, that notification can sometimes be in a window that’s hidden behind another, so look for it if you’re having trouble getting the request approved.

Speaking of issues, it seems like a lot of work to have two-factor authentication, but once it’s set up, it’s not too painful and will add considerable security to your accounts, as well as considerable barriers to potential hackers. So do it!

Next time, we’ll talk about passwords, access codes, and why you shouldn’t take those fun quizzes all your friends send you.

Next, in part three: choosing smart passwords and secret questions (also known as giving the form away).
