Two Steps Ahead Campaign

Two Steps AheadVisit the Events page to learn about the next stops on our Two Steps Ahead: Protect Your Digital Life Tour.

On the internet, a password is like the key to your house - it keeps all of your things safe, from your streaming movies to your banking information. Usually, a username and password gives you access to your email, financial data and health information, photos and videos, social networking sites and other accounts.

These accounts contain a tremendous amount of personal and financial information, so you don’t want that data falling into the wrong hands. According to Telesign's 2015 Consumer Account Security Report, 40 percent of respondents had experienced security incidents (such as hacked accounts, password theft or notices that their personal information had been compromised) in the past year. Additional findings:
  • 8 in 10 people are worried about their online security
  • 7 in 10 people no longer trust passwords to protect their online accounts
  • 47 percent of people use passwords that are at least 5 years old
  • 54 percent of people use five or fewer passwords across their own online lives, creating a "domino effect" that allows hackers to take down multiple accounts just by cracking one password
  • 68 percent of people say they want companies to provide an extra layer of Internet security
  • 86 percent of people who use two-factor authentication feel their accounts are more secure
That's why it's important to use all the security tools at your disposal to protect your account, such as two-factor authentication.

Check out this video for an intro to all things two-factor authentication.

What is Two-Factor Authentication?
Two-factor authentication (also referred to as two-step or multi-factor authentication or verification or 2FA) is an overly technical-sounding term for a simple solution.

It’s a security tool that uses multiple verification techniques to prove that the person attempting to log in to an account is really them.

There are a variety of methods you can use to log in to an account with two-factor authentication, including
  • Something you know: a password, code, passphrase or PIN
  • Something you have: a physical token, chip, fob, or phone
These methods provide an extra layer of security. Most people only have one layer – their passwords – to protect their accounts. But combining something you know (your password) with something you have (like your mobile device or a token) makes your account even more secure.

Additional information here:

Why Should I Secure My Account?
Enabling these services adds an extra layer of protection to your accounts. 

You can also think of them as deadbolts to your online house. These features significantly improve the security of your accounts because they require something only you will know or have, like a personalized code or PIN and your phone. 

Even if your password gets stolen, having these services enabled will make it more difficult for someone to access your account.

What About Passwords?
Passwords aren’t the best way to secure your accounts. Passwords have been stolen in large-scale data breaches, placing millions of people at risk of identity, data or financial theft. And people don’t always follow the best practices when it comes to password security. 

Some of the most popular passwords are "password1" or "123456."And sometimes, people don't have a separate password for each account - which means if cybercriminals crack one password, they gain access to all of your online accounts. 

In fact, according to a recent Pew Research Center Study, 21% of Internet users over the age of 18 have had an online account compromised. And if you use the same account (for example, your email) to manage other accounts, your risk of account hijacking or identity theft is increased. 

How Does Two-Factor Authentication Work?
There’s no universal method, but most web services that offer account protection beyond the password require the use of a phone, email account, physical device (like a token or chip) or texting service, your knowledge of a social networking account or another method.

Here’s how many services typically work:
  1. You enter a phone number or an alternate email. (This is a way for the online service to contact you when you want to access your account.)
  2. The service provider generates and sends you a verification code. This code is only good for one use – otherwise it would be just like a password!
  3. Once you receive the code, you enter it, along with your username and password, and gain access to your account. (This step can vary depending on the service you're using.)

Two Steps Ahead: Protect Your Digital Life Tour
STOP. THINK. CONNECT. and other partners are hosting online safety events throughout the country to educate people and small business owners about adding layers of security to their everyday online activities. To learn more about the Two Steps Ahead: Protect Your Digital Life tour, visit the Events page.

Promote Two-Factor Authentication on #2FactorTuesday
#2FactorTuesday is a social media campaign happening the first Tuesday of each month. Events, resources and content relating to authentication will be shared on each #2FactorTuesday by public- and private-sector partners. #2FactorTuesday's goal is to increase the adoption of two-factor authentication as a means to protect online accounts.

Sample Social Media Content
Share these links and posts on social media the first Tuesday of each month. Be sure to use the hashtag #2FactorTuesday!
  • Show your #2FA pride on #2FactorTuesday. Have you turned it on? Here's how:
  • Get two steps ahead this #2FactorTuesday and turn on #2FA! #CyberAware
  • Head over @TeleSign's  for detailed instructions. #CyberAware #2FactorTuesday
  • We always encourage good #online #security practices. Turn on #2FA this #2FactorTuesday
  • #2FA is a tool that uses an extra step to prove that the person logging in to an account is authorized. @stopthnkconnect #2FactorTuesday
  • Good morning on this #2FactorTuesday! Have you turned on #2FA yet? #CyberAware
  • It's #2FactorTuesday, have you turned on #2FA yet? #CyberAware

How to Enable Two-Factor AuthenticationUse the instructions and resources below to learn how to enable two-factor authentication on popular websites and services.

2 steps aheadBackup and Sync Email
Other Services and Tools