The cloud, in this sense, is like a big free storage locker — but one that poses a special security danger. Unlike a physical file cabinet, data stored in the cloud can be at risk of being stolen by cyber-criminals around the world. And if the crooks do strike, they are likely to get hold of an enormous amount of information.

The most common way crooks get into cloud services is by getting a consumer’s password and letting themselves into the account. They can do this by hacking a cloud company’s database, tricking a consumer into revealing it (often using an email that purports to be from the company) or simply guessing it—many consumers today still use easy-to-guess passwords like “123456” or “password.” Meanwhile, consumers may re-use passwords, which can lead to a series of additional digital break-ins.

“Given our ever-growing online presence, consumers may be tempted to use the same password across multiple websites,” says Megan Stifle, cybersecurity policy director at consumer advocate group Public Knowledge. “This leaves consumers very vulnerable. If the password is compromised at one site, e.g., at their email account, the [hacker] will try the same password and simple variations of it at the most valuable sites in the user’s inbox.”

Fortunately, cloud companies are paying a lot of attention to the problem of cloud security. Many are offering consumers easy-to-use options to lock down their data. Right now, there are three good options, and all of them involve asking for an extra piece of information when someone tries to log in from an unfamiliar computer.

The first extra-security option comes in the form of a simple text message, and companies like Google and Microsoft have been offering it for a while. It involves sending a code to a consumer’s cellphone, and asking them to enter it along with their password.

While this system is a good one, it can be breached by really determined crooks who can trick cell companies into rerouting the text message to their phone. That’s why some users turn to other solutions to enhance their cloud security.

This second method relies on apps and is offered by firms like Duo and Authy. These apps offer an ever-changing series of numbers that serve as the extra step to go along with a consumer’s password. The app method is slightly more convenient because the user doesn’t have to wait for a text message, and crooks can’t compromise it by going through the phone company.

The third method to secure cloud data doesn’t involve your phone but instead requires consumers to insert a tiny key into their computer. The most popular such device, known as a “Yubikey,” is made by a firm called Yubico and costs as little as $19. It works with popular services like Facebook and Dropbox.

The key method is extra-secure since it requires a user to prove they have a physical object before they can log-in from a strange computer—something that would be nearly impossible for a hacker to do. The key method can also be quicker since it doesn’t involve entering a code delivered to a phone.

“Think of it this way. You have a key to your car, to your house, and this serves as a physical key to your online identity,” says Jerrod Chong, vice president of solutions at Yubico. “Extracting the secrets from your physical YubiKey is significantly more difficult than a phone app on your phone.”

All three methods are easy to use. For most consumers, the biggest step is instructing the different cloud computer companies they use—Google, Microsoft and so on—that they want to implement them. This involves going into the security settings and adding the extra defense measure, which is often described as “two-factor authentication.” (Often the quickest way to find this setting is by searching the web for something like “Dropbox two-factor.”)

The bottom line, though, is that consumers are increasingly putting their most valuable information in the cloud, including their documents and their photo memories. As they do so, it’s becoming more critical than ever to add extra security.