Quick tip: Enable 2-Step verification on popular web services
Between losing an iPhone, never-ending security issues, and the NSA, having an account accessed by an outsider is more likely than ever. While having a good password is critical, enabling 2-Step Verification is a great way to ensure data you’ve stashed in an online service like Gmail or Dropbox is limited to your eyes only.
In a nutshell, 2-Step systems work like normal log in systems, but after entering your user name and password, the system in question will send your phone an SMS with a unique PIN. Only after entering the PIN are you allowed in:
Setting this up varies a bit from service to service, but here’s how to get started:
- Google: About 2-Step Verification
- Apple: Frequently asked questions about two-step verification for Apple ID
- Dropbox: How do I enable two-step verification on my account?
- Evernote: Two-Step verification available to all users
- Microsoft: Two-Step verification FAQ
This sort of system can be annoying to use in practice, so many services allow you to select a device or computer to be “trusted,” so only the regular log in information is required. While this means anyone who has access to your notebook may be able to get in, it makes 2-Step verification a little more liveable day to day.
In case your phone is stolen or wiped, many of these services allow the addition of a backup phone number. In the case of Apple and Dropbox, the companies guide users in creating a recovery key that can be used to log in to the account if all else fails. These keys cannot be reset or recovered by the companies in question, so storing them in a safe place is critical. I keep mine as secure notes in Keychain Access on my personal Mac, where they are protected by my account login password.
You can find more Quick Tips right here.