TwofactorauthenticationYou may have noticed that some of the Microsoft social media accounts were compromised last week by the Syrian Electronic Army. CNET story here. http://news.cnet.com/8301-1009_3-57617306-83/microsoft-employee-e-mail-also-hit-by-syrian-electronic-army/

Well that happened because the people who had access to those accounts used just plain old Passwords. We should all know by now that plain old passwords SUCK. I have written about this before such as in my article about password insecurity found here: http://mythoughtsonit.com/2012/10/password-insecurity/

What you need is to use some form of two-factor authentication! If you don’t use two-factor authentication today, I ask you why not? It isn’t that hard and is just a little annoying but it is nowhere near as bad as someone taking over your account. Here are a list of some common sites with the directions to turn on two-factor auth.

Facebook Accounts

  1. click on the “Preferences” (gear icon) located in the upper right corner of your Facebook page and select “Account Settings”
  2. Click “Security” and enable “Login Notifications” and “Login Approvals” by clicking “Edit”
  3. Click “Save Changes”

Twitter Accounts

  1. Click on the “Settings and help” (gear icon) located in the upper right corner of your Twitter page and select “Settings”
  2. Under “Account” select “Security and privacy”
  3. Under “Security/Login verification” select “Send login verification requests to my phone” You man need to add a SMS enabled mobile phone to your Twitter account to enable this feature.
  4. At the bottom of the page, click “Save changes”

LinkedIn Accounts

The way LinkedIn handles two-step verification is by requiring you to type a numeric code when logging in from an unrecognized device for the first time. This code will be sent to your cell phone via SMS. Here is their blog page with directions on how to turn this on:
http://blog.linkedin.com/2013/05/31/protecting-your-linkedin-account-with-two-step-verification/

Dropbox Accounts

Dropbox has a webpage on turning on two-factor authentication which you can see here:
https://www.dropbox.com/help/363/en

Google Accounts

Google has a webpage all about it’s two factor authentication. It is for it’s own service and others companies are using it’s app to enable two-factor authentication on their sites instead of creating their own app.
http://www.google.com/landing/2step/

Apple Accounts

Apple supports two-factor authentication via SMS messages to your cell phone. Read about enabling it here:
https://support.apple.com/kb/HT5570

Microsoft Accounts

Your Microsoft account can be setup for Two-Factor Authentication. Here is a link to the FAQ with step by step directions.
http://windows.microsoft.com/en-us/windows/two-step-verification-faq

For more tips and general information on Social Networking Safety Microsoft has some good stuff here: http://www.microsoft.com/security/online-privacy/social-networking.aspx

If you have other suggestions – please add them to the comments section. Thanks –Brian