Protect social media with two-factor authentication
Recent reports claim Twitter is warning certain users they may have been targeted by state-sponsored attacks that attempt to extract details such as email addresses and phone numbers.
While the number of users reportedly involved is quite small, the issue serves as a reminder that users and businesses need to strongly protect social media accounts as well as other online services.
Many websites have implemented two-factor authentication. You can use two-factor authentication to greatly increase the security of social media and other online services.
Two-factor authentication involves two different criteria, or factors, used to authorise your access.
Typically, these factors are something only you know (like a password) and something only you have (like your mobile phone). For example, when logging on to an account with your password, a one-time code may be sent to you as a text message or push notification from an official app.
You will then be asked to enter the code that was texted to you as the second factor of authentication into the website you are attempting to access.
Two-factor authentication can be implemented for the following websites, among others:
- Google's two factor authentication sends you a text message when you log into a new computer to enable you to sign in.
- Facebook has a similar feature, which it calls 'Login Approvals', and can be found on its security page.
- Twitter includes the same functionality, which it calls 'Login verification'. This can be turned on via your security settings page.
- LinkedIn's version is called 'Two step verification', and can be found under 'Account' on your LinkedIn security page.
While most major websites have two-factor authentication, not all do. Search through the help settings on your social media profiles to see if they support this added protection.
For those websites that do not support two-factor authentication, you should set extremely strong, unique passwords.
Stay Smart Online has information on setting and using strong passwords.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.