Last year, Google turned on two-factor authentication for its accounts. The system works pretty well: After you turn it on, install the “authenticator” app on your smartphone. Now, when you log in, you type in your password and the code generated by your phone (it works even if your phone is offline). If you don’t have a smartphone, you can also have the code texted to you. Facebook also added two-factor authentication last year.
The problem with two-factor authentication is that it’s a bit of a hassle. You can set your Google account to only ask you for the code every two weeks on registered devices, but for some lazy people that’s too much trouble. Worse, because some programs that connect to your Gmail account don’t use two-factor authentication—programs like your smartphone’s mail app—you need to jump through some extra hoops to configure them to work with the system. All this requires a little bit of tech savvy, and the whole thing is not quite user-friendly enough for the majority of computer users just yet.
I’d guess that’s why Apple hasn’t added two-factor authentication to its services. But I hope Apple is working on some way to make this level of protection easy enough for the masses. (One option: built-in fingerprint readers in all its devices.) If such a system was in place, the attack on Honan’s Apple devices wouldn’t have happened. The hacker might have gotten his password, but he wouldn’t have had the second factor—fingerprint, code, something—to get into his accounts.
Honan also didn’t have two-factor authentication enabled on his Google account. If he had, the hacker would not have been able to get into his Gmail after compromising his Apple account. The hacker would have still been able to issue the forgotten password request to Gmail, but he’d have lacked the authentication code generated by Honan’s smartphone.
2) Seriously, sign up to a backup service. Do it now. What are you waiting for?
This one is easy: You should be backing everything up. There’s a good chance you’re not. Maybe you think doing so is difficult or expensive. Maybe you think nothing will happen to you. Maybe you’re just putting it off until your next free weekend.
But the perfect time to do it is now. Despite what you’ve heard, backing up is easy and cheap. Years ago, after testing out a few cloud backup services, I recommended that people use Mozy. Since then, I’ve switched to a service called CrashPlan—the cheapest, easiest way to back up all your data.
Here’s how to do it. Go to CrashPlan. Download the software. Choose the stuff on your computer you want to back up—your documents, photos, videos, music, etc. Then, let the program run. Over the next few days, depending on how much data you have and the speed of your broadband line, your data will first be encrypted and then sent over to CrashPlan’s servers, where it will be secured far better than you can secure it.
For all this, CrashPlan’s rates (after your 30-day free trial) are really great: You’ll pay as little as $1.50 a month for storing 10 GB of data from one computer, $3 a month for unlimited data from one computer, and $6 a month for unlimited data from up to 10 computers (in other words, for protecting all the devices in your house).
Whenever I recommend cloud backup services, people chime in with worries about storing stuff in the cloud—what if CrashPlan’s servers get destroyed or hacked? I think these worries are baseless (if CrashPlan gets hacked, your data there is encrypted anyway), but when it comes to backups, you can never be too safe. So if you want to supplement your cloud backup with a local backup on your own external drive, please do so. You can even use CrashPlan’s software to do that.
Does this read like an advertisement for CrashPlan? The company hasn’t paid me a dime to write this, but I’m not kidding when I say that CrashPlan is the most important, valuable add-on service that you can buy for yourself.
Indeed, if I were king of the Internet, I would turn on backups by default. Every device you buy should come with a backup system, and it should store your data online automatically unless you tell it not to. The first company to realize this will make a killing. If Apple really wants to do right by its users, it would buy CrashPlan, build its service into all its devices, and offer unlimited backups to everyone for free. Apple has enough money to do this, and the firm must understand how well built-in backups would work in a marketing campaign: “Never lose anything again.” How’s that for a slogan?