Turn on multi-factor authentication or risk big headaches

If you don't turn on multi-factor authentication (MFA) on your electronic devices, a crook might do it for you.

Then you are in for a world of hurt.

Here is what can happen with a hijacked Xbox, according to Krebs on Security.

As soon as a hacker gets your password (you might have used it elsewhere?), they turn on MFA and associate a new email to the account.

That means without the hacker's permission, you can't change the password. Recovery codes won't help at this point.

Meanwhile, the hackers will be buying stuff from your associated account while you try to figure it out.

Support may not help. They won't turn over an account to someone who can't provide the second factor. The only person who can is the hacker.

In one case, Microsoft Level 3 support did solve the problem by helping create a new account, enabling MFA and then migrating the profile.

If you use the same password across multiple sites, enable MFA immediately. It could save time and money.