![\"Google](\"https:\/\/articles-img.sftcdn.net\/sft\/articles\/auto-mapping-folder\/sites\/3\/2021\/04\/Google_2_stage_verification_cwt2go_kicy4f.jpg\")
<\/p>\n<\/p>\n
Keeping safe online can sometimes feel like a Herculean task. We have a growing number of online accounts and each of them needs a long, complicated, and unique password.<\/strong> If we don’t have them, we\u2019re at risk of exposing multiple accounts should one fall. Add to this the regular data breaches that affect even the biggest companies<\/a> and it can feel like we must keep on top of it.<\/p>\n Password managers are a great weapon to wield in this online battle. Once you\u2019ve set one up, they\u2019re easy to use and will automatically set strong passwords for each of your accounts and store them securely.<\/p>\n How to: create strong passwords<\/p>\r\n Read now \u25ba<\/a>\r\n <\/div>\r\n <\/div>\r\n <\/a>\r\n <\/div>\r\n<\/div>\n Strong passwords aren\u2019t enough though. These days there is another important tool that we need to use if we\u2019re to make sure we\u2019re as secure online as we should be. This, of course, is\u00a0two-factor authentication<\/a>. You have to confirm your identity on one device by proving who you are on another one. There are even physical devices you can buy<\/a> that only exist to authenticate your identity.<\/p>\n The problem with two-factor authentication is it’s annoying<\/strong>.<\/p>\n Having to scramble around finding your phone or tablet, whenever you want to do something important online, can be very frustrating. The thing is though, two-factor authentication works and new data from Google proves it.<\/p>\n Google teamed up with researchers from New York University and the University of California San Diego.\u00a0They performed a year-long study looking into various types of cyber-attack and how basic security procedures can block them. The results were striking.<\/a>\u00a0The simple act of adding a recovery telephone number blocks every single automated bot attack<\/strong> and 99% of all bulk phishing attempts.<\/strong><\/p>\n With two-factor authentication, Google was keen to point out the difference between the different types you can use. The first uses a code that is sent by SMS to your nominated recovery phone<\/strong>. You enter it on the site that needs to confirm your identity. In Google\u2019s tests, this type of two-step verification protected against 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted phishing attacks.<\/strong><\/p>\n The other type of two-factor authentication uses an on-device prompt. Rather than receiving a code, you receive a button to press that will prove who you are. This type of verification scored even higher than the SMS code type.<\/strong> It protected against 100% of automated bots, 99% of bulk attacks, and an impressive 90% of targeted attacks.<\/p>\n The message here is clear: If you don\u2019t have two-stage verification enabled on the online accounts that offer it, you need to enable it now<\/strong>. Google pointed out in its report that there are other defenses it uses like last sign-in location if you don\u2019t have 2-stage activated. However, protection rates can fall to as low as 10% for these other methods. It is clear that two-factor authentication is the big boss when it comes to online security. If you don\u2019t have it set up, you should do it now.<\/p>\n\r\n \r\n \r\n \r\n ![](\"https:\/\/articles-img.sftcdn.net\/sft\/articles\/auto-mapping-folder\/sites\/3\/2010\/07\/passwords_header.png\")
\r\n <\/div>\r\n \r\n Research shows it works!<\/h2>\n
![\"results](\"https:\/\/articles-img.sftcdn.net\/sft\/articles\/auto-mapping-folder\/sites\/3\/2021\/04\/Google_security_study_results_zt49ul.jpg\")
<\/p>\n