Two-step verification, or two-step authentication, is a method of confirming a user's identity using something the user knows (such as a password) and a second factor other than something the user has (such as a hardware token or cell phone) or something the user is (such as a fingerprint). An example of a second step is the user repeating back something that was sent through an out-of-band mechanism (activity outside a defined telecommunications frequency band, or, metaphorically, outside some other kind of activity). In most cases, the second step in authentication is a six-digit numeric code that is either 1) sent to you in a text message on your phone and can only be used once, or 2) generated by an app that is common to the user and the authentication system. Two-factor means the system is using two of these options.
Codes generated by an authentication app are linked to and synced across your accounts, so you can scan a QR code on your phone and get your six-digit access code in your browser, if supported. The codes provided for each account by the authentication app rotate constantly, and you do not have to be on the internet to use them. Several authenticator apps are available to perform digital authentication, including Google Authenticator (free on Android and iOS), Authy, LastPass Authenticator and SAASPASS. These authenticators do the same thing on mobile and some desktop platforms (such as Authy), and the majority of the most popular password managers, such as 1Password and LastPass, have 2FA by default.
Data generated by authentication apps is encrypted and stored in the cloud; decryption takes place on your device. Guides can be found on many sites for which you want to set up authentication: Facebook, Yahoo, Gmail, Amazon, Twitter, Apple, Dropbox, Microsoft, Pinterest, etc.
The Two Factor Auth (2FA) website lists a number of websites and whether or not they support 2FA.
And last but not least, it is important to avoid phishing attempts. If you ever get an email asking you to reset your password immediately, do not click on any links in the email but instead go directly to the website account in question.
Facebook Two-Factor Authentication
On your Facebook page, go to Settings > Security and Login
Under Two-Factor Authentication, click edit on the right and turn on two-factor authentication. Choose how you would like to receive your second form of authentication; i.e., text message, authenticator app, or a physical security key.
On a desktop computer, after choosing the authenticator app, FB will produce a QR code. Open your authenticator app on your phone, select add and then hold your phone up to your computer screen so that you can capture the code. Next time you log in to Facebook, you will be requested to provide a six-digit code; open your authenticator app and retrieve it from the Facebook account. (Remember, the authenticator apps can handle several accounts, such as Twitter, Microsoft, Google, Amazon, etc., so make sure you have selected the correct one.) For apps that don't work with 2FA when using your Facebook credentials to log on to their site, Facebook offers App Passwords, which is a one-time password access to your Facebook account via a third-party app or service. You can find them in your Facebook Settings via Settings > Security and Login. Scroll down to Use two-factor authentication and click Edit. Go to App Passwords > Generate App Passwords.
Under Setting Up Extra Security, turn on:
- Get alerts about unrecognized logins
- OPTIONAL: Choose 3 to 5 friends (family) to contact if you get locked out