My screen popped up with a message from a friend. “Help!” it said. “I’m on vacation and I lost my wallet and I’m stuck! Can you wire me $2,000?”

I sent a text to my friend to verify this, and it turned out he wasn’t on vacation at all. “People have been asking me about this all day!” he told me. “Someone hacked my account!”

Recently, another friend called me up and told me, “My Instagram account got hacked! Someone changed the password and started posting pictures pretending to be me! What can I do?”

Has your email or one of your social media accounts ever been hacked? Here’s one way it can happen: when major companies like Yahoo! become compromised, and their databases include your email username and password – a combination you’re also using on major social media sites, it’s easy for the criminals to get into your account.

Once someone gains access to your account, they can send messages as you with the benefit of having the immediate trust of your family, friends, and those in your inner circle. If you worked hard on your brand or online reputation only for someone else to control it, take credit, or even worse, damage your reputation, you can see the value in keeping your account secure.

So what can you do to prevent this from happening to you? The solution is a very easy process involving your phone, called “2 factor authentication”.

2 factor authentication sounds complicated, but it’s just a technical name for a more robust security process. Simply, it’s a way of verifying who you are using your phone, in addition to your password. For instance, when you log in with your username and password, a text message gets sent to your phone with a 6 digit access number, or a phone call with a voice giving you the necessary code. Entering that code into the website gives you access.

Google 2-step verification

This process is based on a key principle – access should be granted based on something you know (your password), and something you have (your phone). It’s possible for others to know your password, but the likelihood of someone knowing your password AND having access to your phone is extremely small.

2 factors - something you know and something you have
The nice thing about 2 factor authentication is that once you’re used to it, it seems second nature to use it. You get conditioned to typing in your password and immediately reaching for your phone to get the needed access code.

If you haven’t already, turn it on your main email account immediately! Once that’s secure, focus on turning it on your online banking site, then add it for one social media account per day. If you can’t find the option, Google the name of the website with the words “2 factor authentication”.

Here are some of the 2 factor authentication links from the major providers:

Google (GMail)




Instagram does not allow you to turn on 2 factor authentication from their website. Inside the app, navigate to your profile, then click “options” (looks like 3 dots in the top right corner), then choose “2 Factor Authentication”.

Once that’s done, you’ll sleep a lot better knowing you’re much less likely to be hacked.

Have questions about turning on 2 factor authentication on your email or social media sites? Reach out to me directly here.