Recently, Jeff Atwood showed how to make your Google account (and therefore gmail, youtube etc.) more secure by enabling their 2-Factor authentication system.

(2 Factor Authentication is the same kind of thing some banks use, where you get a keyfob thing and type in a number as well as your username and password, so even if you have the password you also need to have stolen the physical object).

Paypal have had a similar system for years, and every time I mention that I use it people say “I didn’t know you could do that!”, so, some instructions:

Paypal uses SMS messages for the second factor. This is better than an app-based solution because it continues to work even if you’ve had to wipe or replace your phone.

  1. Go to and log in
  2. Hover over “Profile” (Far right of “Overview” in the gray secondary tab bar)
  3. Click on “My Account Settings”
  4. Click “Update” next to Security key
  5. Click “Get Security Key”
  6. “Register your Mobile Phone”
  7. Follow the instructions.

And there. Now every time you log into your paypal account you’ll get an SMS message with a six digit code that you need to plug into the site. You can bypass this a few times if you don’t get the message, or don’t have your phone.

It’s not perfect, but it’s better than username/password.

(I know paypal are occasionally incompetent to the point of actual evil, but if you do use them, there’s no reason not to try to keep your account secure.)

Enhanced by Zemanta