Main content
Internet safety
Course: Internet safety > Unit 1
Lesson 2: Ask Google: How do I keep my account safe?- How to keep your online accounts secure
- Why creating a strong password really matters
- Yes, you need a password manager. Here’s why.
- How adding your phone number and 2-factor authentication helps protect your account
- How can I review the security of my account?
© 2023 Khan AcademyTerms of usePrivacy PolicyCookie Notice
How adding your phone number and 2-factor authentication helps protect your account
Ever had to use a code that was texted to your phone to log into a website? Then you’ve used two-factor authentication. Learn more about why it’s so important, and how it creates an extra layer of security to protect your accounts and your information.
To learn more about how you can keep yourself safe while on the Internet, visit: internet-safety.khanacademy.org. Created by Sal Khan.
Want to join the conversation?
Don't y'all think that giving your phone number to some website, you would either think its very safe with the 2 factor authentication or that their trying to steal your phone number?(7 votes)
Good question! I think that a website having JUST your phone number isn’t as problematic compared to having your credit card number, address, etc.
The worst a hacker/scammer could do with your number would be to try and pretend to be large companies (for example, your bank account saying you owe a certain amount of money) but as long as you’re aware of those kind of scams, it isn’t particularly risky.(8 votes)
Can you use an email? For verification...(7 votes)
It depends on the platform. Google, Apple, and other large companies do support this. It is still safer to use a 2FA/MFA app or security key.(4 votes)
- just don't put your phone number out there(3 votes)
use an otp, like google authenticator or something, then you don't even have to give your phone number(2 votes)- What should I do if I don't own a phone and therefore don't have my own phone number?(2 votes)
Get a phone or use google voice(0 votes)
What if I give my phone number to an unknown person will he hack my account or steal money?(1 vote)- if someone has my phone number and email could they get into my google account?(1 vote)
Video transcript
- All right, Guemmy, so
sometimes sites ask for, like, a phone number
for security purposes, and I'm always actually afraid
to give my phone number. One, I just don't want
random people calling me all the time. But how do you think about that? When is it valuable or
maybe not so valuable? - Yeah, it's actually super important that when a site asks you
for a security phone number that you provide it. I think most people would agree that they wouldn't hesitate to give their credit card
company their phone number, because in the case of fraud, you do want them to contact you and to verify those
charges so that, you know, you're not responsible
for them, et cetera. In the same way, providing
your phone number to these online companies gives a way for the
companies to contact you in case that there's issues. In addition to that, the phone number itself is
actually a security mechanism. So, for example, a lot of
us on banking services, we've tried to log in and then the banking service
would send us an SMS code sent to your mobile phone number, and then you're able to enter that, before you're even able to log in. And what that does is it
actually prevents that fraud from even happening. And so instead of just the bank calls you because there's fraud, it's like, hey, let's prevent
the fraud in the first place. - I have to say, that last
point is very important. Like people think this is all theoretical. I, on not every day, that
would really freak me out, but you know, several
times in the past year, I get a little code like, you know, so and so was trying to
log in to your account and there's a code. I'm like, "Oh, no!" Somehow, maybe someone broke in, or they're creating a new, I don't know what's going on, but the fact that I take comfort that they didn't get the code, that I got the code and they
wouldn't be able to log in. And that kind of goes into, you know, is that what we're talking about when we're talking about
two-factor authentication? That you have to have, you
know, kind of two devices that, you know, say a
hacker in a foreign country or a bad actor might not have access to? - Yes, absolutely. You're right that because
that code was only sent to your phone number, it was not sent to that attacker. And so they cannot get in. They're stopped at that point. And also, if people
don't like phone numbers, there's lots of different
ways that you can do two-factor authentication. We can send prompts to your device. There's these things called security keys, some people might have heard of. There's a big variety.