I have heard of people whose LinkedIn accounts are hacked and am now paranoid because I’m in the middle of a job search. Can I turn on 2-step verification for my LinkedIn account?
LinkedIn just introduced the ability to secure our accounts through the use of 2-step verification on login, so the answer is “you bet!” What’s 2-step verification? It’s a “what you know” and “what you have” security system, in the parlance of the security world. You’ll still need to know your password, but once you take that step to log in to your account, LinkedIn will then send a six digit security code to your cellphone (the “what you have” part) that you’ll also need to enter to gain access to your account. If someone knows your password but doesn’t have access to your phone, they’re out of luck.
2-step verification is available on a wide variety of other services including Gmail, PayPal and Facebook, and I strongly recommend you enable all of them. In fact, I have a series of articles on the subject: 2-step verification for Gmail, 2-step verification for Facebook, and 2-step verification for PayPal. Go on, sign up for all of those too, I’ll wait.
Back? Great. Don’t you already feel more secure?
For LinkedIn, start by clicking on the tiny thumbnail of your profile photo on the top right of any LinkedIn page in your browser:
As you can see, choose “Privacy & Settings”. Now there are a bunch of options — a BUNCH of options! — and you’ll want to choose the Account tab on the left to get here:
The very last entry on the middle column is the path to your security settings, though without my guide I bet it’d take you a few minutes to find it. 🙂
Click on Manage security settings.
There are two settings on this screen, the first requiring that you always have an “https” secure connection. Do that. That way the communication between your browser and the LinkedIn server is encrypted over wifi, etc:
Further down on that screen is another option too, the one you really seek:
They warn that some LinkedIn apps won’t work, but in my experience it hasn’t harmed my interaction with the LinkedIn system. If you do know of specific limitations with either a secure connection or two-step verification enabled, please do mention it in the comments below for others. Still, I’d rather trade off functionality against security in this instance.
Click on “Turn On”.
This doesn’t work with all countries, but I bet you’re covered. Enter your phone number and click “Send Code”.
In the Web browser you’ll then see this:
On my iPhone 5s, I saw this show up:
That’s the code to enter in the Web browser (well, the six digit code you get, not this one!)
Once you’ve done so, you should be good to go:
Done. Nice!
Now before we’re done, a small reminder that passwords should be complicated, not easy. Upper case, lower case, digits, punctuation, all necessary. A handy mnemonic: pick a favorite sentence then spin a variant of it, like go from “Four score and seven years ago…” to “4Score7!” for a super strong password that’s impossible to guess and yet easy to remember.
Be careful. It seems that they stopped supporting google voice numbers with no warning. Now I can’t get in at all.
Thunderbird is an email program that can’t handle 2-step verification yet. You have to get an “application specific password” from your cloud email provider to be able to manage your mail from Thunderbird. The Microsoft email app on the other hand handled the change to 2-step verification with no problem on 03/20/14. I imagine a future Mozilla update will cure that.