Center for Health Communication
The Center for Health Communication prepares public health leaders of all kinds to effectively communicate critical health information, influence policy decisions, counter misinformation, and increase the public’s trust in health expertise.
Digital Safety DiscoTech: Set up two-factor authentication (2FA)
Prepared by Samuel Mendez
Our Digital Safety Kit for Public Health helps public health professionals and students reduce the harm of online harassment and anti-science aggression. But we recognize that it can be hard to know where to start. And we know it can be hard to make time to act on our recommendations on your own. So, we’re offering this DIY Digital Safety DiscoTech guide to help you create community spaces for digital safety at your organization. This section provides information on setting up two-factor authentication. See the full DIY Digital Safety Disoctech guide for more.
Why should I set up 2FA?
One common harassment tactic is to gain access to someone else’s social media, email, or messenger accounts. 2FA creates an extra hurdle, requiring more than just your password to log into your accounts. 2FA typically requires you to enter a one-time code that you receive via phone call, text message, email, or mobile app.
In general, how do I set up 2FA?
Each app/site has its own process. But, in general, start on the same page where you change your password. Often, the app/site will let you use a phone number, email address, or mobile app (e.g. DuoMobile) to receive a one-time use passcode. Often, you can set a specific device as safe for 30 days. Sometimes you can set a device as safe permanently. Don’t do this for a mobile device, because you might lose it or someone else might steal it.
Should I register a phone number, email address, or a mobile app for 2FA?
Register whichever makes sense for you. One advantage of an app is that you can register the app on multiple devices. This could come in handy if you were to lose your smartphone. One advantage of a phone number is that you can still use 2FA without a smartphone. One common critique of using a phone number for 2FA is its vulnerability to “SIM swapping,” in which someone convinces your phone carrier to transfer your phone number to a new device. For this reason, you might want to use a mix of 2FA methods across different accounts.
Remember: don’t let perfect be the enemy of good. Using any 2FA method is better than using none. Use whatever makes sense to you right now. You can always switch it later.
How do I set up 2FA on Facebook?
Set up 2FA on Facebook by following the instructions on the page: How two-factor authentication works on Facebook
How do I set up 2FA on Gmail?
Set up 2FA on Gmail by following the instructions on the page: Turn on 2-Step Verification [Gmail]
How do I set up 2FA on Instagram?
Set up 2FA on Instagram by following the instructions on the page: Securing your Instagram account with two-factor authentication
How do I set up 2FA on LinkedIn?
Set up 2FA on LinkedIn by following the instructions on the page: Turn two-step verification on and off [LinkedIn]
How do I set up 2FA on TikTok?
2FA is not currently available for all users. Set up 2FA on a TikTok For Business Account by following the instructions on the page: About Two-Step Verification [TikTok]
How do I set up 2FA on Twitter/X?
Set up 2FA on Twitter/X by following the instructions on the page: How to use two-factor authentication [Twitter/X]
How do I set up 2FA on WhatsApp?
Set up 2FA on WhatsApp by following the instructions on the page: How to manage two-step verification settings [WhatsApp]