Extra layer of security with two-step verification

Adding a verification code to your account can make it a lot harder for your personal information to be accessed by people you don’t want.
29/09/2022 | 5 minutes

What is two-step verification?

Two-step verification is an extra security measure for your online accounts that can help reduce the risk of unauthorised access. While it’s not a guarantee of complete protection against cyber crime, it makes life more difficult for online villains.  

Anyone trying to get into your accounts would not only need to work out your username and password, they’d also need to get hold of your phone. So, we recommend you use two-step verification wherever it’s offered. 

How does two-step verification work?

When you sign in to online accounts on a website using two-step verification, you’re asked to enter your password and a verification code that’s sent to your phone, either by text message, email or using a security app like Google Authenticator.

Do all companies offer two-step verification?

Many already do, with more companies being required to by the Australian Communications and Media Authority (ACMA). Some of the companies and services that have two-step verification include:

  • Australian banks
  • Australian Government sites like myGov
  • Telstra
  • Google
  • Social media sites including Facebook, Instagram, Twitter, Tumblr, Reddit
  • Dropbox
  • Apple
  • Amazon
  • Microsoft.

How do I set up two-step verification?

Google was one of the first companies to offer two-step verification. So, let’s use their steps as an example of how to set it up.

  1. Go to Google's two-step verification and select Get started
  2. Enter your Google email and password
  3. Select Start setup
  4. Add your mobile phone number. (If you use Google Voice, this should not be your Google Voice number).
  5. Verify your phone number by entering the six-digit code Google sends you
  6. Choose whether to add the computer or device you are using as a trusted device
  7. Confirm that you want to turn on two-step verification. 

Is there another way to receive the verification code?

Some apps or services can send you the code by email or with a voice call. 

You can also use apps such as Google Authenticator to generate your verification code on your phone. 

Google Authenticator can generate verification codes for your Google Account and for a range of other apps and services. You’ll need to turn on code generation in the security settings of the app or service itself. 

How do I use Google Authenticator?

Facebook is one of the popular apps that uses Google Authenticator for two-step verification. So, let’s use Facebook as an example of how you could use it.

  1. Sign in to Facebook with your username and password
  2. On a computer, open the top menu bar on the right-hand side, or on a phone, select the More menu at the bottom left
  3. Go to Settings
  4. In General Account Settings, select Security and login
  5. In Security and login select Use two-factor authentication
  6. Follow the prompts to set up two-step verification.

The next time you sign in to Facebook you’ll be asked to provide two-step verification. Here’s what will happen:

  1. Sign in to Facebook with your username and password
  2. Facebook will ask you to enter a six-digit code
  3. Open Google Authenticator
  4. Google Authenticator will generate a code
  5. Enter the code in the relevant field on Facebook.

Why is two-step verification important?

While two-step verification isn’t mandatory for most types of accounts, it’s a simple step that adds an extra level of security to your accounts and makes it harder for criminals to steal your information. 

What you need to do as a Telstra customer

If you’re a Telstra customer, you’ll need to use two-step verification to manage or make changes to your account and services through My Telstra, on the phone or in store.  

This will help us make sure we’re talking to you and not someone pretending to be you. 

Using two-step verification is a mandatory step for Telstra customers following the introduction of new customer identity verification rules by ACMA.

Check your contact details

Make sure your contact details are up to date in the My Telstra app, and that you have your current mobile contact number on your account. That way, you can receive a one-time code to verify your identity when you get in touch with us. Here’s how: 

  1. Sign in to the My Telstra app 
  2. Select Profile 
  3. Select Personal Details.

Set up a Telstra PIN

All our customers will need to have a Telstra PIN from October onwards to securely log into the My Telstra app. The good news is that it’ll only take a moment to set up and you can do it right now: 
  1. Sign in to the My Telstra app
  2. Select Profile 
  3. Select Security Settings 
  4. Go to Telstra PIN and Face/Fingerprint ID.