No jargon. No fees. Just clear step-by-step guides to protect your accounts — and a friendly human to call on when you're stuck.
Run these free checks first. They're run by trusted organisations — no dodgy links, no data collected by us.
Enter your email. Instantly see if it appeared in any data breach. Trusted by millions.
Review your Google/Gmail account security in one place. Check devices, apps, and access.
Facebook's built-in Security Checkup guides you through protecting your profile step by step.
See if any of your saved passwords are weak, reused, or compromised in a breach.
Pick your account below. Follow the steps. If you get stuck, use the chat widget or send us a message — we'll walk you through it.
Protects your Gmail, Google Drive, YouTube, and all other Google services at once.
Open a browser and go to myaccount.google.com — or just search "Google Account". Sign in if needed.
You'll see it on the left-hand side. If you're on mobile, scroll down to find the Security section.
Under the section "How you sign in to Google". Click the arrow to go in.
Google will confirm your password first. Enter it and click Next.
Best option: Google Prompt (a pop-up on your phone). Or choose Text message (SMS) if you prefer. Follow the on-screen steps.
That's it — your Google account now requires a second step every time you sign in.
Even if someone gets your Gmail password, they cannot sign in without your phone. This one step blocks 99% of account hacks.
Your Google account controls Gmail, Drive, YouTube, Google Pay — so protecting it protects everything connected to it.
⚠️ Save your backup codes — when prompted, download or print the backup codes. Store them somewhere safe (not in Gmail!). You'll need one if you lose your phone.
✅ Done in under 3 minutes. If you see a green tick next to "2-Step Verification", you're protected.
Stops strangers from logging into your Facebook even if they have your password.
On mobile: tap the three lines (☰) in the bottom right. On desktop: click your profile photo at the top right.
Scroll down to find Settings & Privacy, then tap Settings inside it.
Under the Accounts Centre section. This is where all security settings live.
Select your Facebook account when asked which account to protect.
Authentication App is more secure. SMS is easier to set up. Either is much better than nothing.
Facebook will test it before turning on. Done — your account is now protected.
Authentication App (like Google Authenticator or Authy) generates a 6-digit code on your phone every 30 seconds. It works even without phone signal and is more secure than SMS.
SMS sends a text message to your phone. Easier to set up, and still far better than no protection at all.
⚠️ Facebook will show you recovery codes — save these in a safe place. They let you back in if you lose your phone.
✅ Once enabled, anyone trying to log in needs your phone too — even hackers who bought your password on the dark web.
Prevents account takeover — one of the most common hacks targeting Instagram.
Tap your profile picture in the bottom right corner.
Find Settings and privacy at the top of the menu.
Then tap Password and security.
Select your Instagram account from the list shown.
Authentication app or text message. Tap the toggle next to your choice to switch it on.
Instagram confirms it's active. You'll be asked to verify with a code the next time you log in.
Instagram account takeover is extremely common. Hackers then use your account to scam your followers. Two-factor authentication makes this nearly impossible.
Takes 2 minutes. Saves you the nightmare of losing your account.
⚠️ Save your backup codes — Instagram will give you 5 codes. Screenshot them and keep them somewhere you can find offline.
✅ When it's on, you'll see "Two-factor authentication is on" in the settings menu. You're protected.
Prevents SIM-swap attacks and account hijacking through your phone number.
On iPhone: tap Settings (bottom right). On Android: tap the three dots (⋮) in the top right.
Tap Settings → Account.
Then tap Enable on the next screen.
Choose a number you'll remember but not an obvious one like 123456 or your birthday.
Strongly recommended. This lets you reset your PIN if you forget it. Use an email you actually check.
WhatsApp will occasionally ask for your PIN to remind you of it. That's normal — it keeps you secure.
WhatsApp accounts can be hijacked via "SIM swap" — where a fraudster convinces your phone company to move your number to their SIM. Once they have your number, they try to register your WhatsApp.
Two-step verification blocks this by requiring a PIN they don't know.
⚠️ Never share your 6-digit WhatsApp registration code with anyone — not even friends. This code is sometimes used to hijack accounts.
✅ Two-step verification is now on. WhatsApp will ask for your PIN if your account is registered on a new phone.
Protects your iPhone, iCloud, App Store purchases, and Apple Pay.
Tap the grey cog icon on your home screen.
This opens your Apple ID / iCloud settings.
You'll see options about your Apple ID password and security.
Then tap Continue. Apple will confirm the trusted phone number to use.
Choose how to receive the code (text or phone call). Enter the code Apple sends you.
Apple devices you own will show a verification code whenever a new sign-in is attempted.
Your Apple ID holds everything: photos in iCloud, all your apps, your payment cards, your iPhone backups. If someone gets in, they can remotely wipe your phone and lock you out.
Two-factor means Apple will always check with your trusted device first.
⚠️ Apple's 2FA cannot be turned off after 14 days once enabled. That's fine — it's protecting you. Just make sure your trusted phone number stays up to date.
✅ Once enabled, you'll see a 6-digit code appear on your trusted iPhone or iPad whenever a new sign-in happens.
Protects your Outlook, Hotmail, OneDrive, Xbox, and Microsoft 365 accounts.
Open a browser and type account.microsoft.com. Sign in with your Microsoft email and password.
Then click "Advanced security options" on the Security page.
Under the "Ways to prove who you are" section.
Microsoft walks you through adding a verification method — an app, phone number, or alternate email.
Microsoft gives you a 25-character recovery code. Write it down and keep it somewhere safe — not on the computer.
Two-step verification is now active on your Microsoft account.
Microsoft has its own free app called Microsoft Authenticator (available on iPhone and Android). It's the easiest and most secure way to verify your identity — just open the app and tap "Approve".
Far easier than typing in a code every time.
⚠️ If you use Microsoft 365 for work, your company IT team may already manage this. Check with them before changing any settings on a work account.
✅ You're protected. Next time you sign in, Microsoft will ask for a second verification step before letting anyone in.
We add new guides based on what our community actually needs. Tell us which app or website you'd like step-by-step MFA instructions for — we'll write it and add it to the list.
Most requested so far:
Create a strong, random password instantly. Use a unique one for every account — and store them in a password manager.
We're real people helping friends (and friends of friends). No judgement, no jargon. Drop us a message and we'll walk you through it — usually within a day.
We run this entirely in our spare time for our community. If these guides saved you a headache, buying us a coffee keeps it going and helps us reach more people.
No account needed · Secure payments via Ko-fi · ko-fi.com/reputick