Setting Up Two-Factor Authentication (2FA)
Protect your most important accounts with an extra layer of security in under an hour.
1. Understand 2FA methods
2FA adds a second verification step beyond your password. Methods ranked by security: hardware keys (YubiKey) > authenticator apps (Authy, Google Authenticator) > SMS codes. Avoid SMS when possible due to SIM-swap attacks.
2. Install an authenticator app
Download Authy or Aegis (Android) / Raivo (iOS). These apps generate time-based one-time passwords (TOTP) that refresh every 30 seconds. Back up your 2FA secrets securely.
3. Enable 2FA on critical accounts first
Priority order: email account → password manager → bank/financial → social media → everything else. Your email is the master key — if compromised, attackers can reset all other passwords.
4. Save backup codes
Every service provides 8–10 single-use backup codes when you enable 2FA. Store these in your password manager or a printed copy in a safe place. You'll need them if you lose your phone.
5. Consider a hardware security key
For maximum security on Google, GitHub, and other supported services, add a YubiKey or Google Titan key as a FIDO2/WebAuthn second factor. Keys are phishing-resistant by design.