It just got a lot harder to blame that embarrassing photo in your Instagram feed on a hacked account. Starting today, the mobile photo-sharing service confirmed that it will start introducing a two-factor authentication system to its app. That means even if someone knows your username and password, it’ll be nearly impossible for them to post pics or scan private accounts without flat-out stealing your phone.
When you opt in to the two-factor system, first you’ll need to give Instagram your phone number. Then whenever you enter your username and password, you’ll get texted a string of additional digits. Pop that single-use code into Instagram, and you’re in. So if a hacker has your password and username, but not your phone, they can’t crack into your account. According to Tech Crunch, Instagram will generate your two-factor code through its own system—as opposed to using a service like Google Authenticator, which does the same thing.
An Instagram spokesperson confirmed to WIRED that the photo-sharing service is releasing the new feature in a slow, staged rollout, so you may not see the option for your account just yet. Details about the timing of the full release and whether the feature will first be available for iOS or Android aren’t available at this time.
As helpful as two-factor authentication is, it won’t prevent anyone from creating a “fake you” account or simply forgetting about an Instagram account created long ago. You’re still on your own with that stuff.