How to add two-factor authentication to your social media accounts
With the number of personal account hacks on the rise, many internet services now offer users the ability to implement two-factor authentication, or 2FA as it is sometimes known. With two-factor authentication, even if the hacker has your password, they will need your phone or security key to get into your account.
Authentication factors are categories of credentials used to verify that someone or something is who or what they are claiming to be. There are three categories: 1) Knowledge factors – these are credentials that the user knows, typically a username and password. 2) Possession factors – these are things that the user has, typically a mobile phone. 3) Inherence factors – these are things that the user is, typically a biometric characteristic such as a fingerprint or an iris pattern. Strong authentication means the system is using two or more of these options.
In May 2019, Google announced a one-year study it did in partnership with New York University and the University of California, San Diego. The trio found that SMS two factor authentication blocked 96 percent of bulk phishing attacks, and 76 percent of targeted attacks trying to crack into your Google account.
If you would like to add two-factor authentication to your social media accounts, we recommend downloading an authenticator app on your smartphone, such as Google Authenticator or Duo Mobile. Sending your smartphone a text message for your two-factor authentication, is still more secure than simply using a stand-alone password, however, if the hacker has got your physical device they could still get into your accounts.
Here’s how you can set up two-factor authentication on social media platforms with these apps (available for free on both iOS and Android smartphones).
To turn on or manage two-factor authentication:
- Go to your Security and Login Settings.
- Scroll down to ‘Use two-factor authentication’ and click ‘Edit’.
- Choose the security method you want to add and follow the on-screen instructions.
If you’re using an authenticator app the method you’ll want to choose is ‘Login codes from a third party authentication app.’
From then on whenever you sign into Facebook it will request a six-digit code that can be found when you open the authenticator app.
To set up two-factor authentication on Snapchat follow these steps:
- Tap ⚙️ in My Profile to open ‘Settings’
- Tap ‘Two-Factor Authentication’
- Tap ‘Continue’ to finish setting it up!
Then, select that you are using an authenticator app. As with Facebook, after two-factor authentication has been set up, your authenticator app will generate a single-use code that only work for a short amount of time, each time you login to Snapchat.
The process on Instagram is slightly more complicated. To set up two-factor authentication:
- Tap or your profile picture in the bottom right to go to your profile.
- Tap in the top right, then tap ’Settings’.
- Tap ‘Security’ and then scroll down and tap ‘Two-Factor Authentication’.
- Tap next to ‘Authentication App’, then tap ‘Set Up Manually’. If you don’t see the toggle switch, tap ‘Get Started’.
- Tap ‘Copy Key’ below the Instagram key and paste it into your authentication app
- Please note: It is important to copy the key code to your clipboard, take a screenshot, or save it in some other way since you won’t be able to access the code again once you’ve finished setting up.
- After your Instagram account is linked to your authentication app, copy the 6-digit code your authentication app creates.
- Go back to the Instagram app, tap ‘Next’ and paste the 6-digit code to complete the process on that device.
To add your two-factor authentication on Twitter:
- In the top menu, tap your ‘profile’ icon, then tap ‘Settings and privacy’.
- Tap ‘Account’, then tap ‘Security’.
- Tap ‘Two-factor authentication’.
- Then select: ‘Authentication app.’
It is also worth mentioning that this technology does not require an internet connection or phone service to use, meaning you can login with two-factor authentication at any time. This is because the time counter used in the app that provides you with an up-to-date code is synced with the current time on your phone. The client and server therefore remain in sync as long as the system times remain the same.
However, there are a few things to be aware of though when using authentication apps. The app will need to be up to date with the latest software version, and if you change phone you will need to login to the service provider on your web browser and click ‘Change Phone’ to update your details, as well as scanning a barcode in the app on your new phone. This is because it is the phone itself that is linked directly to the authentication process, and only one device can be linked at one time.
If you found this post helpful, we recommend reading these previous posts: