Protect Accounts with Strong Authentication

What is strong authentication?Strong authentication – sometimes called 2-step verification, multi- or two-factor authentication, or login approval – provides an extra layer of security beyond your username and password to protect against account hijacking. Many online services, including email and social networks, offer this free extra security protection to help ensure it’s actually you trying to access your account – not just someone who stole or guessed your password.

How does it work? Strong authentication requires you to have more than just your password to sign into your account. Strong authentication tools are widely available on major email and social networking sites. Here are the most common methods you can choose from:

 

Here’s how to turn on strong authentication:

Instagram Two-factor authentication is a security feature. When two-factor authentication is on, every time you log into Instagram from an unknown device you'll be asked to enter an SMS security code or backup code in addition to your username and password. Find out more from Instagram here.

Facebook As more individuals and businesses turn to Facebook to share and connect with others, people are looking to take more control over protecting their account from unauthorized access. Login approvals is a Two Factor Authentication system that requires you to verify your identity via a code sent to your mobile device or by using a physical security key (yubikey) whenever you log into Facebook from a new or unrecognized computer. Once you have verified your identity, you’ll have the option to save the device to your account so that you don’t see this challenge on future logins. Find out more from Facebook here. Yubikeys were first introduced in 2017. The function allows you to register the physical security key to your account so that the next time you login after enabling login approvals, you'll simply tap a small hardware device that goes in the USB drive of your computer. Security keys can be purchased through companies like Yubico, and the keys support the open Universal 2nd Factor (U2F) standard hosted by the FIDO Alliance.

Twitter Login verification is an extra layer of security for your Twitter account. Instead of only entering a password to log in, you’ll also enter a code which is sent via text message to your mobile phone. This verification helps make sure that you, and only you, can access your account. After you enable this feature, you will need both your password and your mobile phone to log in to your account. When you login to twitter.com, Twitter for iOS, Twitter for Android, or mobile.twitter.com, you will receive a text message with a six-digit login code to enter (see our list of supported carriers here). Find out more from Twitter here.