What can I do if I have a problem with 2FA?

If you are like a lot of our users, you appreciate the extra security that 2FA gives your email account by requiring a second verification step at login. But what do you do if something goes wrong – like if you no longer have access to the “second factor” because of a problem with the device you use for authentication?
Man eating breakfast while using digital tablet and phone
Problems with 2FA? Your secret key will soon have you smiling again!
Don’t panic – it’s time to use your secret key.
Setting up two-factor authentication (2FA) is a great way to boost the security of a login process, because it means that even if another person somehow gets their hands on your password, they can’t access your account. This is because you are asked to enter a second password, this time in the form of a one-time code generated by a separate authenticator app. In other words, for 2FA to work you need access to the device where this app is installed. Here’s where things can occasionally go wrong. Imagine you have a new device or cell phone number (best case) or have lost your phone (worst case) and so can’t use the app you had installed, but you still need a code for the login process. No worries – the people who developed 2FA also came up with a back-up plan: your secret key.

What is a “secret key” and how do I get one?

Your secret key was created as part of the two-factor authentication setup. It is a randomly generated series of numbers and characters that looks something like this: XXX33-44yyy-88ZZ8-5aaa5. During the mail.com 2FA activation process, you were provided with your secret key in a PDF file and prompted to save or print it:
Screenshot of secret key creation screen in 2FA activation process
Be sure to save your secret key some place where you can find it – and make a printout!

What do I do if I can’t access my device or authentication app?

If you can’t log in with 2FA because you no longer have access to the device needed to generate a one-time code or can’t use your authentication app for different reasons, you can deactivate two-factor authentication using your secret key. Simply initiate the password recovery process for your mail.com account. During the password resetting process, you will be prompted to enter the secret key and 2FA will be deactivated:
Screenshot of prompt to enter secret key during password recovery process
You can deactivate 2FA by initiating the password reset process and entering your secret key when prompted

If you like, you can then reactivate 2FA by following the same setup process you originally used (which can be found under My Account > Security Options in your mail.com account).

What do I do if I can’t find my secret key?

There is a good chance your computer remembers what you did with the secret key even if you don’t! So if you can’t find your printout with the secret key, check if the PDF is still in the download folder of your computer. You may also have saved the file in a different location on your hard drive. Take a moment to check using the Windows File Explorer or Mac Finder search function – if you didn’t change the file name when you saved it, it should be called “Secret Key”.

If none of this helps locate your secret key, you can contact our Help Center so we can attempt to verify your identity. However, please keep in mind that the purpose of 2FA is to protect your email account. This means we take the verification process very seriously, and it can therefore be difficult and take some time.

Reminder: Make sure that you have saved at least one valid contact option for your mail.com email account under My Account > Security Options. We need a valid alternative email address or cell phone number in order send you a password recovery link. Not having this contact information saved will slow down the password recovery process, including the deactivation of 2FA. The personal data you save in your account may also be used during the process of verifying your identity, so please make sure it is accurate and up to date.

We hope we were able to help you get 2FA working again! Please leave us some feedback below.
Images: 1&1/iStock

Posted in

2FA Security Password

7 people found this article helpful.

Related articles

2FA? OTP? Why do I need an app for that?

One hand holding smartphone while other hand types on laptop keyboard
The authenicator app on your smartphone generates a one-time code for the 2FA login

Two-factor authentication (2FA) is about boosting your inbox security by adding a second verification step to your email login process. And this second factor is a six-digit security code that you not only use to activate two-factor authentication, but also to log in once 2FA has been set up. This security code is also called an “OTP,” and it’s generated by an app that you install on your smartphone.


Posted in

App Password Security 2FA
18 people found this article helpful.

Ask the Expert: Secure passwords

Notice board with lots of notes tacked up including one with a password
What password security mistakes can you spot in this picture?
Welcome to our first ever “Ask the Expert” post! We’re joined by our email security expert Arne for a deep dive into the topic of passwords and online security. In an interview, he shares some do’s and don’ts about passwords and clears up some common misconceptions. more
25 people found this article helpful.

Checklist: your personal mail.com settings

Man typing on computer keyboard with word "Password?" appearing over his head
Forgot your password? Saved contact information speeds up the password recovery process
Is your email account as secure as it can be? You can help keep things safe through your personal settings. The personal data associated with your mail.com account can be found on the Home page of your mailbox under "My Account." This is where you go to enter a cell phone number so you can quickly recover your password. Or change your password if you think the old one is no longer secure. But there are a few more things you can do to boost the security of your email. Let’s take a look – we promise, it will only take a few minutes, and it could save you a lot of trouble down the road. more

Posted in

Inbox Security Password
51 people found this article helpful.

How secure is my password?

Metal lock on laptop keyboard
A strong password is like a lock protecting your email account
“Better safe than sorry” may be an old saying, but when it comes to your email password, it definitely still holds true. Because if an unauthorized person gains access to your email account, it can have serious consequences. more

Posted in

Security Password
20 people found this article helpful.

Why does mail.com want my address?

Female customer support agent wearing headset and talking to customer
If you contact customer support, your address is one way to verify your identity
When you signed up for your mail.com account, you might have asked yourself why we asked for your postal address. Are they going to send me advertising by snail mail? Give my address to third parties? Of course not! There’s a simple explanation, and it has to do with security. Hopefully this post will clear up the mystery of what we use your contact information for – and why you shouldn’t simply enter a fake address. more

Posted in

Security Password
23 people found this article helpful.

mail.com updates its email service with two-factor authentication and new spam recognition technology

Two-factor authentication is now available to all mail.com users worldwide. The security feature provides additional protection both to the mailbox and to the cloud. With active two-factor authentication, account data is safe from unauthorized access, even if the account password is lost or compromised. To log in, users who activate two-factor authentication in their account settings will be required to enter not only their personal password, but also a temporary 6-digit one-time code generated by an authentication app on their smartphone. more
152 people found this article helpful.

Americans see data disclosure by internet companies or authorities as one of biggest threats to data security

  • Majority of U.S. Americans concerned about hacker attacks
  • A quarter worry about burglary and damage to homes
  • Dangerous lack of awareness: More than one in ten respond to spam emails
6 people found this article helpful.

What is ransomware?

Red-on-black image of locked computer screen against a background of binary code
Do you know how to recognize and protect yourself against ransomware?
You may have seen headlines about ransomware attacks on institutions ranging from banks to hospitals to gas-pipelines. But what is ransomware, why is it dangerous, and can such attacks be prevented? Today, we answer your questions about ransomware. more
9 people found this article helpful.

How do I know if my email has been hacked?

Person wearing hoodie types on laptop while looking at screen with the words Hacker Attack

What happens if your email has been hacked?

How do you know if your email has been hacked or comprised? And if it happens, how can you block cybercriminals and regain control of your account? Discover the most common signs of a hacker attack and what to do about them. more

Posted in

Email Inbox Security
38 people found this article helpful.

Phishing emails: How to protect yourself

Image of fishhook hooking an @ symbol above a white computer keyboard

Be on the alert for phishing scams that aim to hook your personal information

You have probably heard about phishing scams – fraudulent emails designed to rob you of sensitive data. Because phishing is one of the most widespread forms of cybercrime, it’s important to learn how to recognize these scams so you don’t get caught in the net. more

Posted in

Phishing Security Spam
41 people found this article helpful.