Our email accounts contain a ton of information about ourselves. We sign up for bank accounts, buy things online, and communicate with others using our email addresses. And the only thing keeping the attackers out is the strength of our passwords.
No matter how complex the passwords are, they are not foolproof. The attackers have cracking tools at their disposal and other tricks to get access to our accounts. Two-factor authentication prevents attackers from getting in even when they’ve gotten our passwords.
Two-factor authentication makes the login process a bit more challenging for attackers by adding another layer of security to the normal username and password combination (“what you know”). The second factor could be “something you have,” such as a mobile device, smart card, or a hardware token, or “something you are,” such as fingerprints and other biometric data. Basically, if the attacker tries to log in to your account with your password from an unknown device or browser, the system demands a second verification. Unless the attacker has access to your mobile device or your fingerprints, the attack cannot proceed, and therefore your account remains safe.
Several web-based email services have rolled out two-factor authentication. If your mail provider is one of them, you should turn on the additional security protection immediately. Here is how.
Gmail
If you have a Google account, login to your account and click on your name in the upper right corner of the screen. In the resulting menu drop-down, click on Account to access the account settings page. Under Security, there is an option for 2-step verification. Click on Edit to start the sign-up process.
The step-by-step setup process guides you through the process of associating a mobile number to your account. Essentially, whenever someone logs into your account from an unknown browser or device, Google sends a challenge code to your mobile device via SMS. You need to enter that code on the screen to be able to log in.
Note that if you have an Android device, you can decide to download the Google Authenticator app, which will generate the code on your app instead of bothering with SMS messages.
Yahoo!
If you have a Yahoo! account, log in to your account, click on your name in the upper-right corner, and go to the your Account Info page. You may be prompted to enter in your password again.
Under Sign-In and Security, Look for Set up your second sign-in verification and follow the prompts to enter your mobile phone number. Yahoo! will send you a test message to your number via SMS, which you must enter to verify the process worked.
Hotmail/Outlook
If you have a Hotmail/Outlook account, login to your account, click on your name at the upper right and click on Account settings. Under the menu to the left, click on Security info. Make sure to have your mobile device handy to set up the two-step verification. Once you’re in the Security info section, underneath Two-step Verification, click on Set up two-step verification and follow the instructions.
There you have it. Your accounts are much more secure than they used to be. Perhaps it’s time to protect your Facebook account as well?