Heartbleed is a very scary bug that came to light recently and once again sent the Internet into a frenzy with talk about how to protect yourself from security vulnerabilities and hackers. Several sites also published guides covering how to protect yourself from Heartbleed, suggesting that using stronger passwords could somehow have kept users safe from having their data compromised by Heartbleed. Using complex passwords is always a good idea, but even the longest password would have been vulnerable in the case of this particular flaw. What would have offered users solid protection, however, is two-step verification.
Two-step verification is a security measure that adds an additional layer of authentication in order for users to log into a website. So, for example, you might first enter your username and password, and then a special code will be sent to your cell phone via SMS. Until you input that unique code on the site you’re trying to log into, you won’t be able to gain access to your account.
This means that a malicious hacker cannot access your account with just your login credentials. He or she would also need access to your cell phone.
It sounds like a hassle, and it is. But it is also exponentially more secure than any password ever will be.
Setting up two-step verification is typically not difficult, but The Wall Street Journal put together a nice list that walks users through configuring this great security measure on 11 of the most popular websites and services in the world. Included among them are Google, Yahoo, Facebook, Twitter, Microsoft, LinkedIn and PayPal.
WSJ’s article is linked below in our source section, and readers looking to protect themselves as well as possible should enable two-step verification on as many sites as they can.
To learn the best way to protect yourself from Heartbleed specifically, head over to this post.