The Steps
Introduction: The Value of Two-Factor Authentication
Welcome back. I hope to took some time to relax and feel good about getting your password manager up an running. Hopefully now you are beginning to see that although it took a bit of work to set up your password manager, it is a huge time saver in the long run.
In today's interconnected world, safeguarding your online accounts is more important than ever. Cyber threats are evolving, and relying solely on passwords is no longer sufficient to protect your personal and sensitive information.
So, what is Two-Factor Authentication?
Two-Factor Authentication adds an extra layer of security by requiring two forms of verification before granting access to your accounts:
1. Something You Know: Your password.
2. Something You Have: A secondary factor, such as a code sent to your smartphone or generated by an authenticator app.
By combining these two factors, 2FA significantly reduces the risk of unauthorized access, even if your password is compromised. It acts as a robust barrier against cybercriminals who attempt to breach your accounts.
Why is 2FA Valuable?
- Enhanced Security: Adds a critical second step in the login process, making it much harder for attackers.
- Protection Against Phishing: Even if you inadvertently reveal your password, the second factor keeps your account secure.
- Peace of Mind: Knowing that your personal data and accounts have an added layer of protection.
Set up Two-Factor Authentication (2FA) for sensitive web sites or programs
I’m sure you’ve seen two-factor authentication, at least in it’s simplest form. The simplest form of two-factor authentication is when the app you are trying to log into sends a text message to your phone with a number code. In fact, many services like banks check this any time there is something different. If you are logging into your bank from a different device or a different country. But it’s a bit of a nuisance because it involves going to your phone, checking for new text messages. Then take the code and type it into the computer screen that’s waiting for it. The two-factor authentication that we will be dealing with handles the messages for us.
Fortunately, two factor authentication can be very easy to manage with the Proton Pass app. Proton Pass can serve as the authenticator (the physical device) for your logins that can use 2FA.
Let’s start by going back to the Pass Monitor utility within Proton Pass. In here you’ll see which logins Proton believes can handle two-factor authentication. Go through this list and start with some of the obvious logins like bank accounts, credit cards, investment portfolios, etc. Pick out one of these you’d like to try to upgrade to two-factor authentication.
The next part is simple to understand, but it’s easier to show it in the video, which I do, of course. But essentially you need to go to the account settings for the service you want to update with 2FA. The previous screenshot shows a generic login screen, that has the ability to support 2FA.
In this particular case, we then are directed to a screen of recovery codes. Similar to the recovery kit given to us when we first set up our proton pass account initially. Most services that support 2FA also provide recovery codes for restoring access in case you aren’t able to log in with 2FA for any reason. Often it comes after the codes are set up, but it’s fine to see it now. As before, save these codes in a safe place.
The service you are tightening security on now ask now is showing you a qrc code along with a long text version of the same code. If you are using a 2FA authenticator on your smartphone or using the proton pass authenticator, you can use your smartphone and scan the qrc code. Otherwise, you will need to copy the long code it shows you and paste it into the proton pass app record for this login. After doing that it shows you a six-digit code that is updated every sixty seconds.
I know that sounds scary, but it’s just easier to show you how it works than to explain it in writing. I recommend you watch the video.