TickYouOff
Sign in
Back
🔑

Setting Up Two-Factor Authentication

Easy 14 items · 30 min
testuser's avatar
testuser Published 4 weeks ago
Technical

This checklist guides you through enabling and verifying two-factor authentication (2FA) on your most important accounts. It’s designed for general users who want a simple, secure setup for email, banking, social, and other services. Follow the steps to choose a method, protect backup codes, and configure recovery options.

Progress
0 / 14
  1. List priority accounts to enable 2FA — Include email, online banking, social, cloud storage, crypto, and any admin accounts.
  2. Select a primary 2FA method — Prefer authenticator apps or hardware security keys over SMS when possible.
  3. Install an authenticator app on your phone — Choose Authy, Google Authenticator, or Microsoft Authenticator.
  4. Enable cloud backup or export for your authenticator app — Turn on Authy cloud backup or export accounts securely so you can recover codes.
  5. Enable 2FA on your primary email account — Protecting email secures most account recovery flows.
  6. Set up authenticator app for your email account — Scan the service QR code with your authenticator app for time-based codes.
  7. Save email backup codes to a secure location — Store one copy offline and one in a password manager.
  8. Enable 2FA on online banking accounts — Use the strongest option your bank supports (authenticator or hardware key).
  9. Register a hardware security key for banking or critical accounts — Consider a YubiKey or similar for strongest protection.
  10. Enable 2FA on social media and other consumer accounts — Facebook, Instagram, Twitter, and LinkedIn often support authenticator apps.
  11. Review connected apps and remove unused access — Revoke old app tokens and third-party access that could bypass 2FA.
  12. Store backup codes from all accounts in a secure place — Use a reputable password manager or an encrypted offline file/USB.
  13. Set up account recovery methods — Add a recovery phone, secondary email, or trusted contacts where supported.
  14. Test your 2FA and recovery methods by signing out and signing back in — Verify authenticator codes, hardware keys, and backup codes work before relying on them.
Sign in to save
📝 My Notes