Mat Honan, a writer at Gizmodo, was hacked. It started with his iCloud account. From there, the ne’er-do-well was able to retrieve Mat’s Gmail password. That’s when the proverbial poop really began to hit the fan. Riddle me this: every time you click on “Forgot Password,” where does is your password sent? In most cases, it’s sent to your email account—and that’s the problem. If a jerkface gets access to your email account, they can pretty much go where ever they want from there. This includes any of your social media accounts and possibly even your bank account. Bad news bears.

A lot of other really crappy stuff happened to Mat. Some of it, he brought upon himself (e.g. a seven character password, no back-ups of his data). By and large, the biggest issue is that he was shut out of the central hub of his very existence: his primary email account. If Mat had access to his email, he would have been able to regain control of his digital life. Dear reader, I care and I don’t want this to happen to you. Let’s have the “two-step verification” talk.

Some popular services, like Facebook and Gmail, offer something known as two-step verification. Basically, what this does is confirm that you’re really you before allowing you to log into the service. In the case of both Facebook as well as Gmail, the way that this is done is by sending you a text message with a secret code and asking you to verify that code before letting you log into the service from an unfamiliar computer. If Mat had the service turned on, the scoundrel that broke into his account, would have never been able to access his Gmail. From there, Mat would’ve been able to change the password to his eye caught account and stop all these devices from being wiped out. Furthermore, the upstanding citizen—who took it upon himself to request Mat’s Twitter password to be sent to his Gmail account—would never have been able to recover it. Mat’s day would still been sullied, but not nearly to the same extent.

If you have two-step verification turned on for any service that offers it, you’re just waiting for trouble—and don’t worry, over a long enough timeline, trouble find you. Below, is a quick guide to turning on two-step verification and Gmail.

1. In the upper right-hand corner of your screen when logged into any Google service, click on the small triangle next to your picture. From there, click on accounts.
2. On the left-hand side of your account settings screen, click on security.
3. Turn on two-step verification and complete the steps that follow.
4. Do the same thing for any other service that offers it.

The way to look at it is like this: the chances of you getting hacked our admittedly pretty small. But in the unlikely event that you do get hacked, the severity of what can happen out weighs the hassle involved in occasionally having to type in a 6 digit code that you received on the phone that’s probably in your pocket. On top of that, it’s one of those weird things—like backing up your data—that only seems important when you find yourself in a sticky situation that you could’ve prevented if you’d only been a little bit more careful.

So again—and I repeat this because it bares repeating—do me a favor, and turn onto step verification on your e-mail at the very least. If you use an e-mail provider that doesn’t offer two-step verification, consider switching to one that does. It’s not worth losing all your data, having to contact support at every service you’ve ever logged into, sitting on hold with all of your banks, and all the other hassles that come along with identity theft.