2FA, what the heck is it and why should you care?

In today’s interconnected world, safeguarding your online accounts is paramount. With ever-evolving cyber threats, it’s crucial to implement robust security measures. In today’s post, we’ll explore two powerful tools for bolstering your online security: strong passwords and Two-Factor Authentication (AKA 2FA), along with apps that can help you stay cyber-safe.

Gone are the days when you could use the same simple password across all devices. And yes, it is a total pain in the butt to have a different password for every single thing you log into but let’s put it this way:

Would you rather spend a bit of time now setting yourself up securely, or spend hours, quite possibly days, later dealing with the aftermath of getting hacked: all your money stolen, debts run up on your credit cards, your identity stolen, your website hijacked and any other grisly situation that can come from your account being compromised?

Now before you start rolling your eyeballs like a hormonal teenager, do take this seriously. You wouldn’t leave your brand new shiny Porsche in the rough end of town, unlocked with the keys in the ignition. Yet, that is what a lot of people are doing with their online possessions.

So even if you don’t consider yourself to be tech-savvy, here is how to make 2FA easy.

Disclaimer: This post may contain affiliate links, which means I may make a commission, at no cost to you, if you choose to buy.

The Power of Strong Passwords:

Just like a strong, reliable lock guards your physical safe, a strong password acts as your digital fortress, protecting your online accounts from unauthorized access. You’re not daft, you know how this works. But as the hackers get better, it means we have to up our game too. Consider these key tips for creating a robust password:

Size Matters: 

Yes, it really does! Aim for passwords that are at least 12 characters long. Like a longer, sturdier lock, longer passwords are harder to crack.

Mix It Up: 

Combine uppercase and lowercase letters, numbers, and special characters (!, @, #, $, etc.). This creates complexity, much like a unique key with intricate cuts and patterns. But don’t just swap letters for look-alike numbers and symbols, as in P@33w0rd. Hackers have algorithms that can run through the obvious tricks really quickly. Let’s at least make them work for it!

Ditch the Obvious: 

Avoid using easily guessable information like your name, birthdate, or common words. Think outside the box and be creative, just as you would avoid using obvious key patterns. That rules out any information that can be found online: pet names, your maiden name, your mother’s maiden name, wedding dates, kids’ birthdays, etc. Karen4Dave1986 doesn’t cut it!

And whilst we are at it, any of those memes you see that say something like “Your rock star name is your first pet’s name, plus the street you grew up on and the last thing you ate” are designed to get you to give up information that can later be scraped.

My rock star name is: Mr Tiddle-Winkles High Spaghetti! (Totally isn’t lol)


Unique Is Key: 

Just as you wouldn’t use the same key for multiple safes, never reuse passwords across different accounts. Each account deserves its own distinct password to prevent widespread compromise. Yes, I know, a total PITA but it is what it is. Instead, spend some time setting up a password keeper. There are different ones out there such as:

They are all affordable, usually a few dollars a month. It’s worth having a look at which offers what, so you can find a solution for your needs. For example, LastPass allows you to set up a system so you can share login information with your VA without having to share your password. They also have a family version for those not needing the business settings.

Regular Renewal: 

Change passwords periodically, especially for critical accounts. This routine maintenance strengthens your digital locks and provides an additional layer of security.


Two-Factor Authentication (2FA) made easy – Unlocking the Second Key:

Imagine your online account is like a digital safe that safeguards your personal information. While a strong password serves as the first key, Two-Factor Authentication (2FA) adds an additional layer of security by requiring a second key. Let’s explore this analogy further:

The First Key: 

Your username and password combination acts as the first key, just like the traditional way of unlocking a safe.

The Second Key: 

Just as a physical safe requires a second key, 2FA introduces an extra authentication factor. This second key could be a fingerprint, voice recognition scan, or physical keycard. It ensures that even if someone gets hold of your first key, they can’t access your account without the second key.

Unlocking the Digital Safe: 

Enabling 2FA is akin to having a digital safe with two keys. Your username and password serve as the first key, while the second key represents the additional layer of authentication. Both keys are required to unlock your account, providing enhanced security against unauthorized access.

This makes it much more difficult for someone to hack into your account. Here is an example of what happens if you have 2FA set up.

You log into your PayPal account:

Login: JaneDoe@hotmail.com

Password: bhd7%#&ghjbk)(&%5645uybcnkGDDY6&’JFYTFh

PayPal will then prompt you to get your code:
Click the button to get a 6-digit code sent to your phone

Message from PayPal with a code


You input that, and then you are in!

Most sites give you a choice of ways to set up your 2FA. Some will ask you to set up a 2FA app (free), either their own or Google’s. When you are prompted for a code, you have to go and open the app, and you usually have 60 seconds to use the code before it refreshes.

Or, you might be given a list of codes to keep safe and use when you need to – this is my least favourite method as I usually forget where the safe place is that I wrote them down!

It is all a bit time-consuming to set up and use but… like I said, better than the stress and heartache of getting hacked.


Best Practices for Strengthening Security:

To fortify your online security, keep these best practices in mind:

Stay Vigilant: 

Be cautious of phishing attempts and only enter your 2FA credentials on legitimate websites or apps. Watch out for suspicious emails or requests for personal information, just as you would exercise caution around strangers who claim to have access to your safe.

I’ll do another post on phishing to help you stay safe there.

Explore Alternatives: 

As technology advances, consider using authentication apps or hardware tokens as alternatives to SMS-based 2FA. This reduces the risk of SIM swapping attacks, ensuring your second key remains secure.

Device Protection: 

Secure your devices with strong passwords, keep software up to date, and enable additional security measures like biometric authentication when available. Think of it as fortifying the room where your digital safe resides.

Yes, this means that when your pesky phone tells you there has been a new update, you should UPDATE it. And if you have a website, update those plugins. They are notorious for being the place where hackers get in and cause havoc.

Trustworthy Providers: 

Select reputable and well-established 2FA providers to minimize the risk of vulnerabilities in the implementation. Just as you would trust a reliable lock manufacturer for your physical safe, choose trusted sources for your digital security needs.

Feeling Overwhelmed?

I get it, and if you need to up your online security game then you are probably feeling pretty anxious right now.

Start small. First and foremost, which sites would be the worst-case scenario if you got hacked?

For most people this would be:

  • Banks
  • Business financial apps such as Stripe and PayPal
  • For business owners – your website
  • Social media, both personal and business accounts.

Start at the top of the list and work your way through. If you don’t have a password saver, set that up first. They usually have a generator to help you create safe passwords.

Remember to keep things updated!

And finally, if you use your mobile phone number as part of your online security, make sure it is kept up to date. Most businesses will try to keep your data safe, as it is in their interest to do so, but you have to keep your end of the bargain too.

Wrap Up

In an era where our digital lives are as valuable as our physical possessions, employing strong passwords and 2FA is essential to fortify your online security. Just like a robust lock and a second key add layers of protection to a physical safe, strong passwords and 2FA strengthen your digital defences. Remember, a little effort in securing your accounts can go a long way in safeguarding your digital world. 

