50% complete
What Is MFA?
And Why is it Essential for Content Creators?
You’ve got strong, unique passwords, great! But what if someone still manages to get hold of one?
That’s where Multi Factor Authentication (MFA) steps in to save the day.
Also known as Two-Factor Authentication (2FA) or Two-Step Verification (2SV), this simple layer of protection can mean the difference between a minor inconvenience and a full-blown disaster.
Why a strong password alone isn't enough
In you followed our advice here on creating strong password, you should be completely secure, right?
Unfortunately, strong passwords are only a small part of the puzzle.
Even the strongest of passwords can be obtained if
- The company did not securely store a copy of your password
- A device storing your password was hacked
If a hacker tries to log in with the correct password, they will be prevented by MFA. In many cases, the system will email you afterwards to notify you of a suspicious log in attempt and recommend you change your password.
Why It Matters to all Creators
You might think, “I’m not a big influencer, why would anyone target me?”
- Some cyber criminals don’t discriminate and they use automated bots scan all accounts for weaknesses.
- You are likely to have a bigger digital footprint than the average person, increasing the scope of accounts for cyber criminals to target.
- Reputational damage through blackmail is a common approach, however for content creators, it is likely to also have a greater impact, both socially and financially.
Deleted content or entire accounts is often irreversible, potentially erasing years of work building your brand.
Loss of access to monetised platforms (Patreon, Ko-fi, Twitch, etc.)
How to Set It Up Multi Factor Authentication
Types of MFA
SMS
Most common, but least secure.
Authenticator App
App on smartphone.
FIDO Key
Physical fob / key, popular at enterprise level businesses.
How It Works (Quick Example)
The easiest and most secure way is to use a dedicated authenticator app:
Recommended apps:
Authy (great for backups and multiple devices)
Google Authenticator
Microsoft Authenticator
1Password (if you already use it as your password manager)
These apps generate time-based one-time passcodes (TOTP) that change every 30 seconds.
Avoid relying only on SMS codes—they can be intercepted via SIM swapping.
Where to Use It First
Start with your most important accounts, then work your way through the rest gradually.
Ultimately, you should eventually turn on MFA for all accounts that support it.
Critical
Your main email address
Apple ID / Google account
Social media: Instagram, Facebook, TikTok, Twitter/X
PayPal, Stripe, or any financial platform
Cloud storage (Google Drive, Dropbox)
Creator Platforms
Patreon / Ko-fi / Buy Me a Coffee
Twitch / YouTube / Discord
Portfolio sites, gallery hosting, and client delivery tools
Misc
- Any account where you make payments (Shopping, Utilities, Travel, Subscriptions)
- Any account with personal information (Health, Work, Pensions)
Don’t Skip These Extra Tips
Enable MFA on your backup email address too
Print or save your MFA backup codes somewhere safe
Use an MFA app with cloud backup in case you lose your phone
Consider a physical FIDO key if you're a high-profile or high-risk user
Real Talk: This Step Saves Accounts
Even if someone guesses or steals your password, they’ll be blocked at the second step. You’ll likely get a security alert—giving you the chance to act before any damage is done.
No protection is 100% perfect, but MFA is one of the most effective and underused defences you can activate in under 5 minutes.
TL;DR Your MFA Action Plan
Start with your email
Use an authenticator app, not just SMS
Enable MFA on all your major platforms
Keep your backup codes in a secure place
Consider using a password manager that supports MFA
MORE Cyber security information
Explore our latest insights and expert perspectives on business strategy and leadership.