The estimated reading time for this post is 4 minutes
Even if you’re not a celebrity you may be concerned about the news that the photos of famous folks were obtained by hackers who then published them for the world to see. When we store files in the Cloud, we rely on the security of our passwords for protection. Sometimes that security isn’t enough but the good news is that you can add an extra layer of protection against hackers.
While we don’t know exactly how the photos were obtained, yesterday Apple said its investigations showed that iCloud was not hacked but that:
“certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions…To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification. Both of these are addressed on our website at http://support.apple.com/kb/ht4232.”
You can protect yourself and prevent many of your accounts being accessed by others by using 2-Step Verification so that entering a password isn’t enough to gain access to your accounts. By using 2-Step Verification you’ll have an added layer of security to greatly reduce the chances that your accounts will be hacked.
Even after you take enable 2-Step Verification on your accounts, you should still protect your accounts with strong and unique passwords.
☞ See, How to Create a Strong Password and Why You Should Do This Now
What Is 2-Step Verification
2-Step Verification, sometimes called 2-Factor Authentication, means that you have to take two steps to log into an account. You not only have to log in using your password but you have to take a second step to verify your identity. Often the two steps involve something you know, such as your password, and something you have, such as your cell phone.
To sign into an account using 2-Step Verification you log into your account using your user name and password, then you’ll get a notice that a passcode was sent to your cell phone. The passcode will be sent to you via text message to your cell phone so someone who has your user name and password can’t log into your account without it.
After you enable 2-Step Verification for an account, you’ll be required to enter that passcode when you log into your account on a new computer or mobile device. If you stay logged into your account or check “Remember This Device” then you’ll only have to use 2-Step Verification the first time you log in to your account on that device.
This video from Google explains how 2-Step Verification works:
What If You Don’t Have Access to Your Cell Phone?
Many services have alternate methods of verifying your identity in case you don’t have your phone, the battery is dead or you don’t have cell phone service. You may be able to enter a different code or generate a new code from a trusted device. Make sure to check the instructions when you enable 2-Step Verification for your account.
Here’s a video from Google showing what to do if you can’t use your cell phone but want to log into your Google account using 2-Step Verification:
☞ Also see, A True and Terrifying Tale of Digital Disaster (and How to Avoid It Happening to You
Accounts that Offer 2-Step Verification
Google was the first service offering 2-Step Verification but many others have followed Google’s lead.
You can set up 2-Step Verification for the following services. Click on the links to begin the process to enable 2-Step Verification for your accounts:
☞ Also see, http://twofactorauth.org/ for a much longer list of websites that support 2-Step Verification.
Google Authenticator App
You can also use the Google Authenticator app to generate security codes for 2-Step Verification for Google and other services, such as Dropbox, Evernote and Facebook. After you enable 2-Step Verification for your accounts you link them to the Google Authenticator app to generate passcodes without a text message.
The Google Authenticator app is available free for:
One More Thing: 2-Step Verification Doesn’t Actually Work to Protect Photos in iCloud
If you’re a celebrity whose photos were stolen from iCloud and you didn’t have 2-Step Verification enabled for your Apple account, don’t feel bad. Well, okay, you can feel bad about the photos being stolen, but don’t blame yourself for not having your Apple account protected by 2-Step Verification.
According to Tech Crunch, enabling 2-Step Verification doesn’t protect many of iCloud’s services, in spite of Apple’s press release yesterday advising users to enable 2-Step Verification.
Apple’s 2-Step Verification only protects:
- Signing in to My Apple ID to manage your Apple account
- Making iTunes, App Store, or iBookstore purchases from a new device
- Receiving Apple ID-related support from Apple
See Tech Crunch, Apple’s Two Factor Authentication Doesn’t Protect iCloud Backups Or Photo Streams
Apple has scheduled a meeting on Tuesday of next week where it may announce the launch date for the anticipated expansion of iCloud services. At WWDC in June the company introduced us to HealthKit and HomeKit, which are due this fall and will allow us to access our health records and home information remotely.
☞ See, WWDC 2014 – Apple’s New Features Make Your Mac and iPhone Much More Powerful.
Due to the Tech Crunch article and the impending expansion of iCloud services, I expect Apple to update 2-Step Verification to include iCloud services in the near future.
Your Thoughts
Do you use 2-Step Verification for extra security on your accounts? Do you think the added protection is worth the extra step to verify your identity? Have you ever had an account hacked? Let us know in the Comments section below!
Hi Carolyn,
I do this for Google, it drives me nuts. They have passwords you are supposed to use once too. My bank uses a pin-sentry system that is very secure, but we really need a new system that is quick and easy to use. Maybe someone can invent a cheap finger print scanner! 🙂
Hi Mike, You’re not alone. Getting added security usually means added inconvenience too. Taking this extra step can be a nuisance but like a heavily secured lock, thieves may try to break in elsewhere that isn’t well secured.
The iPhone 5s has a fingerprint scanner which can be used instead of entering a passcode to turn on the phone and to make purchases in iTunes.
Hi Carolyn, I love this.
It seems that it’s big step in the right direction for more security. I’m going to be checking this out for use on as many accounts as I can.
I would love it if we could have this for WordPress, but so far it doesn’t appear WordPress has it.
Thanks for the heads up on this 🙂
Blessings,
Liz
Hi Liz, Yes, you can add 2-Step Verification for WordPress using a plugin and the Google Authenticator app. Here is more information about that: http://en.support.wordpress.com/security/two-step-authentication/
Thanks so much for that Carolyn. I’ll be looking into that.
Liz 🙂
Hi Liz, I hope this works well for you! Anything to keep the hackers away, right?
Hi Carolyn,
After this two step verification I am so satisfied from G-mail service.
Now I don’t need to worry about my G-mail account which is used everywhere on Google.
The point you have raised about not having the phone is truly good. There is a possibility that we don’t have phone with us then it’s necessary to check our account be using such identity checker.
Thanks for this great post.
Have a happy week ahead.:)
~Ravi
Hi Ravi, Yes, some people hesitate to sign up for 2-Step Verification because they worry that they won’t have their phone with them. But that shouldn’t be a concern because these sites have a way around that to make logging in safely possible with other methods.
Thanks for taking the time to share your thoughts with us, Ravi!
Hey Carolyn,
I really hate the two step process myself so I haven’t put this into play on any of my accounts. Let’s just put it this way, I’ve never been hacked so if they are coming from someplace it’s not me so I guess like anything else, until that time happens I guess I’ll just decide what to do then.
I know we need more security and I know it’s a shame we even have to do any of this but this is definitely the way life is leading us these days with all the thieves out there.
Appreciate you letting us know though, it’s definitely important.
~Adrienne
Hi Adrienne, Yes, 2-Step Verification is annoying but even more annoying is getting hacked. Many people resist taking this step until they’re hacked and then take the leap.
I’m glad you have never been hacked, Adrienne, and I hope that never happens to you!
Hi Carolyn,
This is great advice. I haven’t been using 2-step verification for many services yet, but I’m getting there. Ever since my Google account was hacked a few years ago, I have been scared of what could happen if someone else got access to my different accounts. I am using 1 Password for my passwords, and trying to add as much security as possible to all my different accounts.
Hi Jens, Yes, after you’ve been hacked you become much more concerned with security. One of the scariest things is to get a text message with the passcode to log into your account when you haven’t been trying to log in. Then you realize how useful 2-Step Verification is!
Hi Carolyn,
This 2 step verification is really an added advantage for everyone. And with news surrounding us daily that the accounts of celebrities were hacked and something similar for the common people. But, most of the times people who have a well established image get hit. But, you never know when the hackers can steal your data.
So everyone should use a protection as their personal information can get public anytime. And there are news also about some celebrities stolen pics from accounts a couple of days back.(Don’t want to name that )
I would prefer everyone to get safe with something extra. Though personally never used any service like that, Lol !! .But I will for sure.
Hi Aditya, Yes, these hackers are very bold going after celebrities. But even if you’re not a celebrity you still can be the target of hackers. I hope that you are never a target, Aditya, but if you are, using 2-Step Verification may be your best protection against being hacked.
Hi Carolyn , Thanks as always for spreading nuanced quality content. I liked your info very much. It was very well-presented and approachable. Good job and looking forward to more articles.
Hi Stephen, Welcome to The Wonder of Tech! I’m glad you are enjoying The Wonder of Tech. Thanks for stopping by and sharing your thoughts with us!
I like the Google 2-step verification, because of the speed you’ll get after signing up on there websites and getting the sms of phone-call.
The Google Maps verification on the other hand is sending a letter to the address. This type I dislike because of the days wait you’ll get after signing on. Ofcourse I understand this is the only solid way to verify you are really the person or company on this address. 😛
Hi Marcel, Welcome to The Wonder of Tech! Yes, taking that extra step to be safe can help you avoid a lot of headaches later.
Unfortunately, hackers have been trying to mess with Google Maps so the company needs to be able to verify which addresses are real. Snail mail is the most efficient way to verify a location and keep hackers at bay.
Hi Carolyn,
This is the problem of less conscious internet users, they are not even aware of the sites they surfing and filling up forms. Thanks to that 2x verification, actually Google have been implenting it for several years now cause everytime I use different ip’s they always sent me a verification email about who logged on my account.
Hi Chris, Welcome to The Wonder of Tech! You’re right, many people don’t really pay attention when they’re logging into sites and giving their email address. By adding 2-Step Verification you can protect yourself much better from hackers.
Hi Carolyn,
Wonderful post which contains very useful information. All the points which you mention in your article are great. Over all your post is informative, inspirational and instructive. Thanks for sharing such an excellent article.
Hi Muhammad, Thanks for your kind words. I’m very glad you enjoyed this article!