7 Types of Accounts That Really Should Have 2FA

A list of all the accounts you might've forgotten about

Man unlocking phone
milindri/iStock

2FA (two-factor authentication or two-step verification) adds an extra layer of security to a personal account that requires login details, such as a username and password, to sign in. Enabling this security feature helps to prevent others from accessing your account if they somehow managed to obtain your login details.

For example, if you were to enable 2FA on your Facebook account, you would be required to enter not only your login details but also a verification code whenever you'd want to sign into your Facebook account from a new device. With 2FA enabled, Facebook would trigger a text message to be automatically sent to your mobile device during the sign-in process, containing a verification code you'd have to enter in order to successfully log into your account.

Once you understand what 2FA is, it's pretty easy to see why enabling it is so important. So long as you're the only one receiving the verification code, a hacker can never access your account with your login details.

Over the years, an increasing number of major websites and apps have jumped on the 2FA bandwagon, offering it as an extra security option for users who want to protect themselves. But the question is, which are the most important accounts to enable it on?

Your Facebook and other social media accounts are a good start, but really, you should look to enable 2FA on any account that stores your financial information and other personal identification details. The list below can help you identify which accounts you should take care of as soon as possible.

01
of 07

Banking, Finance, and Investment Accounts

Banking
Screenshot of BankOfAmerica.com

Any account involving money management should be made a high priority on your list of accounts to secure with 2FA. If anyone ever accessed one of these accounts, it's possible that they could do anything with your money—transfer it from your account to another account, charge unwanted purchases to credit card number, change your personal details and more. 

Banks make sure to budget hundreds of millions of dollars to take care of fraudulent activity, and you'll get your money back as long as you notify your bank of any sign of fraud within 60 days, but nobody wants to have to deal with that in the first place—so look for 2FA in the account settings or security settings of all services where you do any banking, borrowing, investing or other type of financial activity.

Common financial account sources to look for 2FA:

  • Checking and savings accounts
  • Credit and debit card accounts
  • Mortgage accounts
  • Loan accounts
  • Investment accounts
  • Foreign currency accounts
  • Tax filing service accounts
  • Accounting and bookeeping service accounts
  • Online payment service accounts (such as PayPal and Venmo)
  • Personal financial management service accounts (such as Mint.com)
  • Billing and payroll service accounts
02
of 07

Utility Accounts

Comcast
Screenshot of Comcast.com

We all have those monthly utility bills to pay. While some people choose to make their bill payments manually, but others like yourself might sign up for automatic monthly charges to a credit card or other payment method via personal accounts on utility service websites.

If a hacker logged into your account, they could gain access to your credit card numbers or other payment information. The could steal it to use for their own fraudulent use or potentially even change your monthly plan—perhaps upgrading it for a more expensive cost to use it themselves while you end up paying for it.

Consider any accounts you have that store personal and financial information for paying your monthly bills. These would typically include communication services (cable TV, internet, phone) and possibly household utility services such as electricity, gas, water and heat.

Popular utility services known to offer 2FA:

  • Comcast / Xfinity
  • Google Fiber
  • Sonic
  • Ting
03
of 07

Apple ID and/or Google Accounts

Apple ID
Screenshot of Mac App Store

You can purchase apps, music, movies, TV shows and more from Apple's iTunes App Store using your Apple ID and the Google Play Store using your Google account. You can also store personal information on the many services linked to your Apple ID (such as iCloud and iMessage) and Google account (such as Gmail and Drive).

If anyone were to ever gain access to your Apple ID or Google account login details, you could end up with several unwanted purchases charged to your account or stolen person information from your other linked services. All of this information is stored on Apple and Google servers, so anyone with a compatible device and your login details could instantly gain access to it.

Both Apple and Google have instruction pages that walk you through the complete steps you should take to set up 2FA on your Apple ID and Google account. Remember, you won't have to enter a verification code every time except for the very first time you log in on a new device.

04
of 07

Retail Shopping Accounts

Amazon
Screenshot of Amazon.com

It's easier and more convenient than ever to shop online nowadays than ever before, and while online retailers take consumer checkout and payment security very seriously, there's always the risk that user accounts could be compromised. Anyone who obtains your login details to your accounts on shopping sites could easily change your shipping address but keep your payment information, essentially charging purchases to you and having items shipped anywhere they want.

Although you might find it unlikely that smaller online retailers offer 2FA as an extra security option for their users, many larger retailers do indeed have it in place.

Popular subscription services known to offer 2FA:

  • Amazon
  • Apple
  • Etsy
05
of 07

Subscription Purchase Accounts

Netflix
Screenshot of Netflix.com

Many people do their online shopping as needed on both large and small retail sites, but these days recurring subscription plans have grown to become more popular for everything from entertainment and food, to cloud storage and web hosting. Since many subscription-based services offer different subscription plans, there's always the chance that hackers who happen to log into your account with your details could upgrade your subscription for a higher cost and start receiving their products or using their services for themselves.

Again, like many online retailers, not every subscription service is going to have 2FA as part of its security feature offering, but it's always worth checking.

Popular subscription services known to offer 2FA:

06
of 07

Password & Identity Management Accounts

Keeper Security
Screenshot KeeperSecurity.com

​Do you use a tool to store all your logins, passwords and personal identification information? Many people do nowadays, but just because they exist to store and secure all your login details in one convenient place doesn't mean they're ultimately secure without 2FA enabled.

Let this be a reminder that even the place where you keep all your login details secure needs to be secured. In fact, if you use a password or identity management tool, this might be the most important place of all to look for 2FA.

If anyone ever obtained your details to get into your account, they'd gain access to login information for not only one account, but any accounts where you have information stored there—from your bank account and your Gmail account, to your Facebook account and your Netflix account. Hackers could take their pick and choose to compromise as many of your accounts as they'd want.

Popular password and identity management tools known to offer 2FA:

  • 1Password (currently in progress)
  • Centrify
  • Keeper
  • LastPass
  • OneLogin
07
of 07

Government Accounts

Social Security
Screenshot of SSA.gov

Speaking of personal identities in the last section, don't forget about your personal identification information that you use with government services. For example, if someone were to obtain or Social Security Number (SSN), they could use it to get their hands on even more personal information about you and even go as far as commit financial fraud by using your credit cards, using your name and good credit to apply for more credit in your name and more.

At this time, the Social Security Administration is the only major US government service that offers 2FA as an extra security feature on its website. Unfortunately for others like the Internal Revenue Service and Healthcare.gov, you'll just have to keep your details as safe as possible the old fashioned way and wait to see if they jump on the 2FA bandwagon in the future.

Check Out TwoFactorAuth.org for More

TwoFactorAuth.org is a community-driven website that features a list of all the major services known to include 2FA, conveniently broken down into several different categories. It's a great resource for quickly seeing which major online services offer 2FA without having to research each service individually. You also have the option to make a request to add a site, or tweet on Twitter/post on Facebook to encourage some of listed services that don't yet have 2FA to get on board.