This is part three of a five-part series on managing your passwords. You can view the other published posts by scrolling down and clicking #Password Guide at the bottom of this page. 

In this part, we’re going to cover setting up Multi-Factor Authentication to add an extra layer of security to your primary email and your other accounts.

What we are covering:

1. Create a few strong master passwords
2. Choose a primary email that governs your accounts
3. Secure that email with a new, strong password
4. Choose a Multi-Factor Authentication app
5. Set up Multi-Factor Authentication on your primary email
6. Select and set up a password manager
7. Update every account, secure it, and log it in the password manager
8. Delete old passwords stored in your browser
9. Maintain the course and continue to practice good cybersecurity hygiene!

Step Four: Choose a Multi-Factor Authentication App

Multi-factor authentication (MFA) is sometimes also referred to as 2-factor authentication (2FA). They are essentially the same thing, and you’ve probably run into accounts that require this. When you log into an account, you get an email or a text message with a 6 or 8-digit PIN that is required for you to finish the login process.

It might seem inconvenient, but this adds a huge layer of security to your accounts. If someone were to crack your password, they would still need to have access to your phone in order to get into your account.

The most iron-clad way to set this up is to use an authenticator app that installs on your phone, and can easily be transferred over to new phones when you upgrade.

An authenticator app prompts you to scan a QR code to enter the account into the app. After that, the app will cycle through a 6-digit PIN that refreshes every 30 seconds that you can use whenever prompted while logging into the account.

Why Don’t We Just Use Text Messages for Multi-Factor Authentication?

Some accounts will let you use SMS text messages for authentication, and while this is better than nothing, it’s a little less secure. There have been many cases where cybercriminals have been able to infiltrate and intercept these text messages to sneak their way into your accounts.

Let’s take a look at some of the most popular authentication apps:

Google Authenticator is a good choice if you are already using Google’s ecosystem (for instance, if you use Gmail for your primary email). As long as you take good care of that Google account, moving from one device to another is seamless and ensures you’ll always have access to your authentication codes. If you are using Google in general and have a Gmail account, Google Authenticator is the way to go for your personal life. 

Install Google Authenticator for Android here

Install Google Authenticator for iOS here

Microsoft Authenticator is good too, but you will be required to manually back up the app and restore it when you get a new device.

Install Microsoft Authenticator for Android here

Install Microsoft Authenticator for iOS here

DUO Authenticator is a popular third-party authenticator, and like Microsoft, you can manually back it up to the cloud and restore it to a new device. DUO is a particularly good option for businesses as it allows for push notifications and can be centrally managed. 

Install DUO Mobile for Android here

Install DUO Mobile for iOS here

Apple Passkeys and Apple Keychain are Apple’s take on authenticator apps. If you are in Apple’s ecosystem as opposed to Google, this might be a good option, but not all logins will support Passkeys, so you’ll need Keychain for traditional MFA accounts. Both Passkey and Keychain are built into iOS, and neither have official Android versions.

Keep in mind that your company might have an official solution to use for work-related accounts.

Step Five: Set up Multi-Factor Authentication for your Primary Email

Now that you have an authenticator app, you need to start using it!

Start with your primary email account that we established in the previous part of this guide. This is your main email account that you will associate with almost all of your other accounts, so it needs the highest level of security. It won’t prompt you for your MFA code every time you check your email, but it will ask whenever you try to sign into a new device or log out and log back in.

You can typically set up multi-factor authentication in the security settings of any account, but the exact way to find it will depend on the service. Here are a few of the popular ones:

Setting up MFA for Gmail/Google
For Google/Gmail, go to your Account page, go to Security > 2-Step Verification and follow the prompts to set it up in your Authenticator app.

Setting up MFA for Microsoft/Outlook/Hotmail
For your Hotmail or Outlook account, log into your email and click the gear icon. Then go to Options > Account Details, and then go to Security & Privacy > More Security Settings, and scroll down to Set up two-step verification. Then follow the prompts to set it up in your Authenticator app.

Setting up MFA for Apple
You can manage your Apple account by signing in to the Manage Your Apple Account page. Then go to Account Security > Two-Factor Authentication and click Get Started…

Follow the prompts to set it up in your Authentication app.

Setting up MFA for Other Emails
Most emails and online accounts have settings to enable multi-factor or two-factor authentication. Typically these are in areas in the settings labeled account, security, privacy, or something similar to that.

Be Sure to Check Out The Rest of the Posts in This Series

This is a five-part guide! Head on back to our blog to see the rest of these articles (we’ll be posting each one every other weekday). You can also click on #Password Guide below to see all of the parts that are currently published.

‍