Two-factor authentication is the second level of protection for your account.
It protects your personal data if your phone is stolen or your social network profile password is compromised. For example, they’ve tried to hack your account more than once, and only with the help of sms with confirmation codes can we trace it.
We’ll tell you what two-factor authentication is, how to set it up and when it’s useful.
What is two-factor authentication?
Two-factor authentication, login confirmation, two-step verification, two-step verification, 2FA – all these terms mean the same thing. It’s additional protection for an account beyond its password – in an operating system, messenger, browser, social network, or game.
This can be, for example, a code from an SMS or a one-time password, which is requested in addition to or instead of a regular password. It’s like a banking app: if you don’t confirm a transaction with a password, you don’t transfer money.
Such protection is needed so that no one can use your accounts for you, even if they manage to steal your device or pick a password. Whether your data needs additional protection measures is up to you to decide. But enabling and disabling 2FA, as a rule, is not difficult, and security with it is enhanced many times over.
Usually, two-factor authentication is used for the first login from a new device, and also – for any login to your account. For example, after you log out of it or change your password.
2FA doesn’t negate the need to make up or generate complex passwords that can’t be spied or picked. In addition, many services allow you to add your computer and smartphone to a list of trusted – or trusted – devices so that you are not asked to confirm your login.
How does two-factor authentication work?
There are two basic types of authentication – services can offer different options.
Authentication within the service itself. For example, an app can send a code in a text message or email and then ask you to enter it in a special window.
Authentication through a special application. Such applications work together with a number of services. For example, you can install a special key to log in to various services of Google and not only one. The application generates one-time keys for logging in, and it can also be used to scan a QR code.
If you have entered the correct code or password, everything will work. If not, you will have to try again. If you forget the login data, access will have to be restored through technical support.
Is it possible to bypass two-factor authentication?
It depends on the circumstances. For example, if your phone is stolen, two-factor authentication via sms will not help you much – the intruder has accessed it. But if you turn on one-time passwords from your mail, without a pin code, the thief won’t be able to generate them. But only if you have not accessed the mail from your phone, which is unlikely.
If you don’t have access to the phone, the thief will only be able to bypass 2FA if he has access to the email to which the two-factor authentication confirmation comes.
In general, two-factor authentication doesn’t provide complete security, but it still protects your account.
How to enable two-factor authentication?
The extra protection can work in different ways: either when you log into your account on a new device or any time you try to log in altogether – no matter where from.
Usually, in the services, all the details about activating 2FA can be found in the “Help” section. But the details are not always clear, so below I’ll indicate for each case in which situations 2FA will turn on and how to disable it.
Two-Factor Authentication Google
On Google, this option is located under “Google Account Management” → “Security” → “Two-step authentication”. There you can select one of the login confirmation options on your new device:
- Notifications from Google will come to all the phones on which you have logged into your account. You’ll need to click on the notification to confirm it’s you.
- A voice message or text message to a verified phone number. You’ll need to enter the code you received on the sign-in page on your new device.
- Sign in with a one-time backup code – you can get them from the two-step authentication page.
- Sign in through a key generation application – such as Authenticator, described above.
- Logging in with a one-time electronic key – a token, you can get it by following the prompts on the same page.
Disabling 2FA is simple: click the “Disable” button at the top of the page. Google will ask if you’re sure you want to do this. Click “Disable” again.
Apple ID, iPhone, Mac. On Apple devices with two-factor authentication, a one-time code will be prompted the first time you sign in with a new device, after deleting data from the device, or after logging out of your account.
If your Apple ID was created in iOS 10.3 or macOS 10.12.4 or newer, two-factor authentication is already running on it and nothing else needs to be done.
To set up 2FA on your iPhone, iPad, or iPod touch, if it’s turned off, do this:
- Go to Settings → Profile Name → Passwords and Security.
- Click “Enable” under the “Two-Factor Authentication” line.
- Click “Continue.”
- Enter the phone number you want to receive text messages or automatic phone calls.
- Click Next.
- Enter the code you receive on your phone.
On Mac the two-step authentication is activated in the same way, only you need to go into the Apple menu → System Preferences → Apple ID.
Two-Factor Authentication Microsoft
To enable two-step authentication in Windows 8, 10, and 11:
- Go to the Security page. You’ll be asked to enter your Microsoft username and password to log in.
- Find the “Two-step verification” button at the bottom and click it.
- Choose one of the identity verification options. You can choose from Microsoft Authenticator or a similar application, a code from an email to a spare email address, or from a text message.
- For example, if you select email, a verification code will arrive there. When you enter it, Microsoft prompts you to save a one-time backup code for emergency access to your account.
To turn off two-step authentication in Windows, click “Two-step verification” again.
Two-Factor Authentication Telegram
In Telegram, two-factor authentication works kind of backward. The standard authentication method is through a code in a text message, but you can also set up additional protection in the form of a permanent password.
Setting up 2FA in the app or web version is easy: “Settings” → “Privacy” → “Two-step authentication”. There you will need to set a password, and Telegram does not make any requirements for its type or complexity. After entering your password twice, you will be asked to enter your email address. A code will be sent there to confirm that you have set up two-step authentication.
To remove the password, enter the settings and select “Disable password”. You do not need to confirm this action by entering your password.
Two-Factor Authentication WhatsApp
On this messenger, go to “Settings” → “Account” → “Two-step verification”. If you enable this feature, you will have to enter a pin code of any six digits when verifying your number in WhatsApp. To make sure you don’t forget it, the next step will prompt you to enter your email address for a reminder.
In addition, the app will sometimes ask you to enter your pin code so you don’t forget.
You can disable 2FA on WhatsApp there in the settings, and you won’t have to enter a pin code or otherwise confirm your intentions.
Two-Factor Authentication PlayStation
Two-step authentication on Sony PlayStation comes in handy for logging back into your Sony Entertainment account after a password or email address change.
It only works on PlayStation 4 and PlayStation 5 consoles, as well as when you sign in to PlayStation Network through your browser.
To set up two-step verification in PS5, go to “Settings” → “Users and Accounts” → “Security” → “Two-Step Authentication. Then click “Activate” and select one of the two verification methods:
SMS password. This will also provide you with a list of backup one-time codes in case your phone is lost or stolen.
One-time codes from a key generator application, such as Microsoft Authenticator. Instead of entering a key, you can scan a QR code into the app.
In PS4 additional protection is set up in the same way, only the path is slightly different: “Settings” → “Account Management” → “Account data” → “Security” → “Two-step authentication”.
In the browser, go to the two-step authentication page and click “Enable”. After entering your username and password, click “Change” on the page that opens under “Two-step authentication”.
To disable 2FA in all cases, select the “Deactivate” status on the “Security Settings” page.
On PS3 and PS Vita, two-step authentication cannot be set, but you can create a separate device password.
Two-Factor Authentication Xbox
This console uses a Microsoft account, which I talked about setting up additional security above.
Steam. In this gaming service, two-factor authentication is called Steam Guard, and it’s enabled when you log into your account from a new device or browser. To set it up, click on your nickname in the upper right corner, select “About Account” → “Set up Steam Guard”.
You can set up protection in one of two ways:
- Receive codes on your phone. To do this, install the Steam Guard app and follow the instructions. You’ll need to sign in to the app with your Steam username and password, confirm your phone number with a code from your text message, keep a backup code for emergencies – and receive periodically updated one-time codes to sign in to Steam.
- Receive codes by email. When setting up, you’ll need to log out of your account and log back in using the one-time code from the email.
You can disable two-factor authentication on the same “Setting up Steam Guard” page, but the service doesn’t recommend doing so. If you do not use additional protection, you will not be able to trade with other players to buy, sell and exchange game inventory.
What are the applications for two-factor authentication?
Many popular services support 2FA with one-time passwords created in applications – key generators. Let’s talk about free applications that may come in handy.
The advantage of these codes is that you can get them even without the Internet and use the services as usual. For example, you can get into an account on your work computer, when you can’t get online from your phone. And then you won’t need to sign in any other way – for example, with a different device.
Google Authenticator. The application works similarly to other keys and supports two-factor authentication in different services. Here’s how to set it up:
- Download Google Authenticator for Android or iOS.
- Scan the QR code or enter the secret key from the desired service.
The app requires a Microsoft account to work. As with the previous two key generators, you can also sign in to other services, such as Google:
- Download Microsoft Authenticator: Android, iOS.
- Enter your Microsoft account username and password.
- Get a security code emailed to you and enter it.
- Choose whether to enable auto-complete – whether to save login information for apps. This is optional.
The app will now show your account, permission to log in to this device without entering a password, and a one-time code that is valid for 30 seconds. By default, the app will be locked. To log in, you’ll need to put your finger on it or enter a pin code, depending on what security settings are enabled on your smartphone.
Two-factor authorization settings for other services are similar to Google Key”: you need to scan a QR code or enter a secret key, and then the app will generate one-time passwords to sign in.
How do I regain access to my account with two-factor authentication?
If you’ve lost access to your double-secured account, many online services will ask you to prove your identity. For example, showing your passport or entering a code sent to a secondary email address. The recovery procedure may take a long time.
If you’ve lost your phone and can’t generate a one-time password or receive sms, some services will simply require you to turn off two-factor authentication and log in with your password only. If you need an SMS code to confirm, you’ll have to talk to technical support. You may be asked to restore your SIM card.
- Two-factor authentication is an additional security measure when you sign in to your account on a new device or after logging out of your profile.
- It’s free and quick to set up on all popular services by selecting one method of verification.
- If you don’t like getting codes on your phone, you can use an app that generates codes: many services support this option.
- You can disable 2FA without confirmation or with an SMS code – it depends on the settings of a particular social network, operating system, or gaming platform.