Protect yourself from
cybercrime with
2-step verification

19 Jun 2018

What is 2-step verification?

2-step verification – also called 2-factor verification or 2FA – is an extra security measure for your online accounts that can potentially reduce the risk of fraudulent access.

While it’s not a guarantee against cybercrime, 2-step verification makes life more difficult for online villains. With 2-step verification in place, cracking your password or hacking social media sites are no longer enough to access your personal data.

Anyone trying to get into your accounts will also need to get hold of your phone. So we recommend you use 2-step verification wherever it’s offered.

How does 2-step verification work?

When you log into online accounts on a website using 2-step verification, you’re asked to enter your password and a verification code that’s sent to your phone, either by text message, email or using a security app like Google Authenticator.

Which companies offer 2-step verification?

Some of the companies and services that offer 2-step verification include:

• Many Australian banks
• Australian Government sites including MyGov
• Google
• Social media sites including Facebook, Instagram, Twitter, Tumblr, Reddit
• Dropbox
• iTunes
• Amazon
• Microsoft

How do I setup 2-step verification?

Google was one of the first companies to offer 2-step verification. So let’s use their steps as an example of how to set it up.

1. Visit Google's 2-step verification page and select Get started.
2. Enter your Google email and password.
3. Select Start setup.
4. Add your mobile phone number. (If you use Google Voice, this should not be your Google Voice number).
5. Verify your phone number by entering the six-digit code Google sends you.
6. Choose whether to add the computer or device you are using as a trusted device.
7. Confirm that you want to turn on 2-step verification

Is there another way to receive the verification code?

Some apps or services can send you the code by email or with a voice call.

You can also use an app called Google Authenticator to generate your verification code on your phone.

Google Authenticator can generate verification codes for your Google Account and for a range of other apps and services. You’ll need to turn on code generation in the security settings of the app or service itself.

How do I use Google Authenticator?

Facebook is one of the popular apps that uses Google Authenticator for 2-step verification. So let’s use Facebook as an example of how you could use it.

1. Log in to Facebook with your username and password.
2. On a computer, in the top menu bar, on the right side, select the downwards-pointing arrow.
3. On a phone, select the More menu at the bottom left.
4. In the drop-down menu select Settings.
5. In the General Account Settings window, in the left-side menu, select Security and login.
6. In the Security and login window select Use two-factor authentication.
7. Follow the instructions to setup 2-step verification.

The next time you log in to Facebook you’ll be asked to provide 2-step verification. Here’s what will happen.

1. Log in to Facebook with your username and password.
2. Facebook will ask you to enter a six-digit code.
3. Open Google Authenticator.
4. Google Authenticator will generate a code.
5. Enter the code in the relevant field on Facebook.

So do I really need 2-step verification?

Yes, if a service or app offers 2-step verification, you should use it wherever possible. While 2-Step verification isn’t mandatory for most accounts, it’s a simple step that adds an extra level of security to your accounts and makes it harder for criminals to steal your information.