January 9, 2015

Share Everywhere

How Two-Step Verification Helps Prevent Identity Theft

Have you ever visited a website that formerly required only a password but now has another layer of protection? Because of the prevalence of data breaches and identity theft threats, some sites are stepping up security to safeguard you and your information from the bad guys. The change is called two-step verification.

Although it sounds technical, two-step verification — also called two-factor authentication, or 2FA — is actually very simple. Instead of the usual log-in involving input of a username and password, a 2FA system requires at least one extra step, such as entering a cellphone number, identifying a jumbled pattern of letters or providing a fingerprint or voiceprint.

Two-step verification has been around since the dawn of online retailing, although it’s often in the background. For example, when you input a zip code at the same time as a credit card number, that’s 2FA in action.

This additional step may feel like a hassle when you’re trying to speed through some account management or an online purchase, but it’s worth the effort. Two-step verification creates an extra layer of security that forces identity thieves to do more than just crack a password.

While two-factor authentication isn’t impervious to bad actors, it certainly makes hacking harder. To hack two-step verification, an attacker has to gain access to more user information, which gives you a higher level of identity theft protection.

In many cases, use of 2FA isn’t left up to the user. However, there are ways you can incorporate this additional security layer into your identity theft protection mix. For example …

Use two-step verification sites more often: Large online players including Google, Dropbox, and YouTube support 2FA, but others have yet to implement the security protection. Check out this frequently updated list to find out which sites and services have put two-step verification in place. That way, if you’re trying to decide between two providers — for example, payment services like PayPal and Dwolla — you’ll know which site has 2FA security.

Keep your info updated: Some sites, such as Facebook, Apple and Gmail, give you the option of enabling two-factor authentication by adding your cellphone number to existing account profile information. So if you try to log in from a different machine or you simply want a higher level of security, the site will text a temporary log-in code to your phone. If you get an unsolicited text, you’ll know that someone else is trying to crack your account.

Check security settings: Sites that let you enable or disable two-step verification will usually offer the option in the security or profile settings area of your account information. For example, Facebook security settings allow you to get an alert when anyone logs in from a new device or browser; you can also choose to set up 2FA as one more layer of protection.

Wherever it’s possible to enable two-step verification, take advantage of the opportunity. Even though it may make log-ins slightly more time-consuming, the process helps to keep your accounts secure; thwarting potential identity thieves.

Image courtesy of Flickr user Angel Arcones.

Melanie Medina

Sr. Director of Digital Marketing at IdentityForce
Melanie is a native of Bolivia who has lived in Boston for over 10 years. She likes to make time to travel, jog, read, and play backgammon. Fueled by copious amounts of coffee, Melanie stays on top of her to-do list while also keeping abreast of identity theft issues. Serious data breaches are happening all the time in the U.S. and Melanie loves being part of a solution that brings peace of mind to families across the country.

Latest posts by Melanie Medina (see all)

Join The Discussion

Your email address will never be published.