Criminals are clever these days and protecting your life on the internet is just as important as locking your front and back doors. Setting up 2SV can help protect your online accounts, even if your password is stolen.
What is 2-Step Verification (2SV)?
2-step verification (often shortened to 2SV) provides a way of ‘double checking’ that you really are the person you are claiming to be when you’re using online services, such as banking, email or social media. It is available on most of the major online services. 2-step verification (2SV) is also known as two-factor authentication (2FA) and multi-factor authentication (MFA).
When setting up 2SV, the service will ask you to provide a ‘second step’, which is something that you (and only you) can access. This could be a code that’s sent to you by text message, or that’s created by an app.
Why should you use 2SV?
Passwords can be stolen by cyber criminals, potentially giving them access to your online accounts. However, accounts that have been set up to use 2SV will require an extra check, so even if a criminal knows your password, they won’t be able to access your accounts.
The NCSC (National Cyber Crime Centre) recommends that you set up 2SV on your ‘important’ accounts; these will typically be the ‘high value’ accounts that protect things that you really care about and would cause the most harm to you if the passwords to access these accounts were stolen. You should also use it for your email, as criminals with access to your inbox can use it to reset passwords on your other accounts.
Some online services will already have 2SV switched on. However most don’t, so you will need to switch it on yourself to give extra protection to your other online accounts, such as email, social media and cloud storage. If available, the option to switch on 2SV is usually found in the security settings of your account (where it may also be called ‘two-factor authentication’).
The Cyber Aware pages on the NCSC website contain up-to-date links to the instructions on how to set up 2SV across popular online services such as Gmail, Facebook, Twitter, LinkedIn, and Outlook.
What if 2SV isn’t available?
While many major services do offer it, there are still some that do not. If 2SV is not available on one of your important accounts, like email, you should ensure that it has a strong unique password. You may even want to consider changing services to one that does offer 2-step verification.