Two-factor authentication is a simple and crucial step toward preventing someone from hacking into your account, and Instagram just updated this key security feature for all users.
While Instagram rolled out two-factor authentication to all users last year, it announced in September that it would be bolstering the layer of security, adding a non-SMS method. Instagram confirmed to Gizmodo in an email that it’s now available to all users.
Two-factor authentication requires users to provide a piece of information other than their password, usually a temporary, randomly generated code, in order to access their account. For SMS-based versions, the service will send users a text message with a code in order to log in. But security experts consider non-SMS two-factor authentication more secure because it can’t be intercepted by bad actors—instead, rather than retrieve the code via text message, users can use a third-party app, such as Authy or Google Authenticator.
“SMS is just not the best way to do this,” security researcher and forensics expert Jonathan Zdziarski told WIRED in 2016. “It’s depending on your mobile phone as a means of authentication [in a way] that can be socially engineered out of your control.”
To enable non-SMS two-factor authentication on Instagram, go to your Settings menu and choose two-factor authentication from the Privacy and Security section. Then, choose Authentication App. If you don’t already have a third-party authenticator downloaded, you’ll need to do that before you can make use of the feature.
At a time when online services—most recently, Instagram’s parent company, Facebook—are hit by security breaches, it’s nice to see a company give users more power over their account security.