Two factor authentication instructions for major online services

Apple

Facebook

Google

Microsoft

Twitter

Description of Two-Factor authentication:

One way to greatly strengthen your password is to enhance it with another authentication system. It’s called “two factor” or “multi-factor” authentication and it works the same way your ATM card does. Access requires something you have and something you know. The most common form of dual factor authentication, supported by Google, Facebook, Apple and many other companies, is requiring that you access your smartphone before you can use a site from an unknown device. In some cases, you get a text message with a code that you have to type in before you can access the site. Others require that you use an app on your phone to provide permission when logging on to another device. Either way, you need to have physical possession of your phone as well as your password to get in.

To avoid annoying you constantly, most dual factor authentication schemes only kick-in when you are using a device or a browser that you haven’t previously used with that service. That won’t prevent someone who has access to your PC or phone from logging in if they know your password, but it will make it considerably harder for a remote attacker to break in, which is the main risk that we worry about.

Dual factor authentication can add a little more hassle and if you clear the cookies from your browser, you may have to use it even if it’s from a device you’ve used before. You may also be required to use dual factor authentication if you’re traveling and, speaking of traveling, there could be times when you don’t have access to your phone such as when you’re out of the country or if you can’t find it or if the battery dies. That’s why there is usually a backup code that you’ll need but, it’s typically a long sequence of numbers that you’ll need to write down and carry in your wallet.