Two-Factor Authentication: The Big List Of Everywhere You Should Enable It Right Now

Two-factor authentication is one of the best things you can do to make sure your accounts don't get hacked. Here's a list of all the popular services that offer it, and where you should go to turn it on right now.

Image remixed from Boguslaw Mazur (Shutterstock).

What Is Two-Factor Authentication?

Passwords, unfortunately, aren't as secure as they used to be, and if someone acquires your password, they can easily access your account. Two-factor authentication solves that problem.

Google's anti-spam guru Matt Cutts explained it well for us recently: two-factor authentication is a simple feature that requires both "something you know" (like a password) and "something you have" (like your phone). After you enter your password, you'll get a second code sent to your phone, and only after you enter it will you get into your account. Think of it as entering a PIN number, then getting a retina scan, the way you've seen in every spy movie ever made. It's a lot more secure than a password that anyone can hack, and keeps unwanted snoopers out of your online accounts.

Where Can I Use It?

Unfortunately, you can't use two-factor authentication everywhere on the web just yet. But a lot of sites have recently implemented it, including many of our favourite services. Here are some services that support two-factor authentication, with instructions on how to enable it:

If you use any of these services, you should head over and enable two-factor authentication right now — it's one of the best ways to keep your data (and, in many cases, your money) safe. Of course, you should also make sure you use a unique, secure password for each of your accounts; if you don't do that already, now's a good time to start.

MORE</strong: Two-Factor Authentication: What Happens When You Lose Your Phone?


    Commonwealth Bank also has two factor authentication for whenever you send a transaction to a new account that you've never sent to before, which is handy. I use it.

      Community CPS does that too. Likely standard for most banks and credit unions.

        Not ANZ, much to my frustration.

      Paypal and Ebay also have 2FA it, via a RSA fob, or the Verisign VIP app on Android/iOS/WindowsPhoneX

    Yeh 2 factor authentication is awesome except I did enable with google but using the authenticator app and it never bloody works so I have reverted it back to how it was until I can have a reliable way of it working each time!

      Works 100% for me. Strange. You're not trying to use it for apps are you? They need their own unique app-generated passwords...

        He's probably trying to put the code into the password box, not realising you need to put your password in, with Google then asking for a code if you've got TSA enabled.

      So ensure you phones time and time zone is accurate.

    uBank send you a code via text when you want to transfer money as well.

    ~Facebook Two Factor Authentication - Stopping girlfriends/boyfriends from sneaking onto their significant others account from home to check who they have been talking to since 2012 ~

      Or you can just not give them your password...

        Ha ^_^ ever said "No, you çan't have my password" if your partner says let me on your facebook? That alone would wreak havoc.

          I have. I also told her that if she ever tells me her password, I'll sign into her account and change it to something more secure.

          It didn't go down well.

            Best. Post. This. Week.

            Priceless. :')

            Are you still together? If so, I'd say that's a secure relationship.

    What happens when your phone is lost or stolen?

      They give you emergency keys incase that happens. Best to write it down on a piece of paper and carry it on you.

      Google's system lets you print backup codes, and can SMS a backup code to a separate mobile number. I gave them mum's - if it's an emergency and I've lost my phone, that's the only number I can remember. :P

      That's the whole point of two factor authentication. Something you have - a phone, something you know - a password.

      If someone gains access to your phone they will not be able to access the account without also having the password. (though its up to you to make sure the password isn't on your phone!)

    I wish banks had this feature. Out of all the services, banks would probably need it the most.

      Noting 3 of the prvious 5 comments, I can only presume you're with The Bank of Uganda...

    Surprise PayPal wasn't mentioned here. I signed up for 2 Factor Authentication a while ago. Makes me feel a lot safer.

    "If you use any of these services, you should head over and enable two-factor authentication right now — it’s one of the best ways to keep your data (and, in many cases, your money) safe."

    Which one of those allows people to get my money?

      Most can give you access to your money. Facebook - Facebook credits. Soapbox - bank statements, etc. Google - ypue email, apps, etc. Amazon - shopping . Lastpaas - passwords to other sites like banking

        Oops - Soapbox = Dropbox. Was using my phone when typing that post - The Samsumg predictive text annoys me at times.

      Money is only a small part of what can be "taken" from you if one or more of these services you use is "hacked" .... it's your Identity and ability to prove that You are really You... once someone else gains access and locke You out and then starts being "You" using your accounts. Goooood luck trying to piece that all back together when it happens.

    $%^&* Google jumps into French UI when I do this. I am getting very weary of their inability to address language issues in their products.

    Tried to enable 2 form on Facebook but and got told :

    Your current Chrome settings might make it hard to use Login Approvals.
    It's probably because:
    You sometimes clear your cookies.
    Your browser is set to automatically clear cookies whenever it closes.
    You use your browser's "private browsing" or "incognito" mode.

    How dare I like a clean secure laptop :(

      Yeah I got the same thing when I tried it a while back. Nothing I could do would ever get it to work. So i just stopped using FB. Problem solved.

      I got the same issue. Try closing and opening your FB tab, also try clearing your cache and Facebook cookies. If that all fails just set it up in incognito mode. It's a bit of pain but it is well worth having.

    Not so sure about AWS... when I go into my account's Security Credentials and the part about TFA all I get offered is this saying I have to purchase a third-party fob to provide the number ???

    No mention of Google Authenticator.... which I like, and use elsewhere with great ease.

      I have AWS using GA, it's under the root IAM

    I think there should be an open standard for this sort of thing or at least a way for smaller sites to set it up easily. It could be set up rather easily if Google Authenticator is used instead of an expensive SMS system.

      Google's Authenticator lib is open source...

    Does two factor authentication also include when you enter your own password and one on a token generating device i.e. blizzard token or suncorp internet banking (unrelated, I know)

      yes =)

      something you have, something you know

      I wish more services had "hard tokens", I would pay for one for accessing my email

    Heh, Gus forgot to close is bold tag

      Awww my own html code got stripped :(

    That's all super annoying when you live and work in the Outback with no reception (270ks from town and so coverage). More and more websites ask for this and if it's a must, I can't use the website. I just hope Google and my bank leave me skipping it! It would be great, if there would exist a solution for receiving the code to a website instead of a phone... or even RSA, but that's not provided everywhere.

Join the discussion!

Trending Stories Right Now