Two-step authentication offers additional login security when you are accessing online resources. When two-step authentication is available, you will still log into the site with your user name and password, but that will kick off the second step which is usually a text message containing a PIN (personal identification number) sent to your mobile phone. That PIN must then be entered on the login screen to get access to the site. The PIN is only operational for a short period of time – usually less than a minute – and changes each time you log into the site.
Why is two-step authentication worth the effort? Even if a hacker is able to get your user name and password, they still can’t get into your account without the PIN – which is only sent to the mobile number you specified when you set up your account. If your phone’s charging stand is next to your computer, it’s really not that much of an inconvenience.
What accounts should be set up with two-step authentication? Obviously, financial, medical and commercial sites containing personal, financial and credit card information are priorities but so are social networks and especially email accounts. Facebook, Twitter and LinkedIn now support it as do Yahoo! Mail, Google/Gmail, PayPal, Dropbox and Evernote. Even blog platforms – including WordPress.com – support it.
You can learn more about tow-step verification along with a more complete list of sites supporting it at Wikipedia.