Once you’ve begun to manage passwords, you will also want to take advantage of something known as Two-factor Authentication. Rather than just a single password that can be guessed or stolen, Two-factor Authentication requires two pieces (something you know, and something you have), rather than just a password. Today, most of the cloud services you already know and love offer some form of Two-factor Authentication, but it’s not always obvious or easy to get it setup. However, this feature is critical to helping ensure the continued security of your accounts. Always try to look to see if a service you use has a form of Two-factor Authentication available. Below are a set of links that should cover most services and give you an idea of how to set each of them up.
You should use DUO Security Integration as much as possible when available. Otherwise, use the Authy App in place of “Google Authenticator” on any website. I recommend it so that your Two-factor codes are backed up online in case of phone loss/theft.
Personal Security Stack: Layer 2
Two Factor Authentication: DUO Security
- Super modern and secure way to two-factor authenticate without codes.
- Lots of Integration: LastPass, WordPress, SSH, etc.
- Create an account at duo.com
- Generate and save the credentials into your Layer 1 Password Manager.
- Use the Documentation to integrate as much as possible.
- You should always choose a DUO Integration if available above all other integration methods.
- Authy is a great fallback for Google Authenticator (see below)
Two Factor Authentication: Authy
- Full compatibility with any Google Authenticator codes.
- Cloud Backup & Sync of Authenticator codes.
- Allows you to still access and recover your Authenticator codes in case of loss/theft and/or phone change.
- Signup at authy.com
- Generate and save the Authy credentials into your Layer 1 Password Manager.
- Create an Authy Backups Password, and save it to your Layer 1 Password Manager.
- Use turnon2fa.com & twofactorauth.org to enable Two Factor Authentication on as many websites as you can! Use Authy in place of Google Authenticator when being asked to scan a code.
- Use DUO Security Integrations in place of Authy/Google Authenticator where possible.
Two-factor List Powered by Link Library