What is 2FA? How can two-factor authentication keep online accounts safer?

Have you ever wondered if you should enable 2FA for your online accounts? mail.com explains how two-factor authentication works and looks at the hows and whys of authentication apps.
Woman sitting in café looking at laptop while holding smartphone
Use 2FA with an authentication app for extra online protection
Keep reading to learn whether you could benefit from 2FA.
A strong password is always the best way to protect your email and other online accounts. But what if you log into such accounts on a computer that other people have access to? With so many passwords to juggle nowadays, we often save them in the internet browser or a mobile device’s password manager – which means that as soon as anyone else has access to our laptop or phone, it may be possible for them to get the passwords as well. In other cases, passwords can be compromised through hacking, phishing or data leaks. So if you don’t want to rely on your password alone, your can take advantage of a multi-step verification process known as two-factor authentication, or 2FA.

What is two-factor authentication?

In computing, “authentication” refers to the process of verifying the identity of a user. When you enter your password to log in to an online account, this is a form of authentication – you prove that you are the owner of the account by knowing the password. Unfortunately passwords are not foolproof – some people use passwords that are easy for others to guess, hackers have various methods of cracking them, or users are tricked into revealing their login credentials. So if your password is the “first factor” that shows that an account is yours, adding a “second factor” will provide an extra layer of security. This second factor can take different forms, ranging from a code sent to your cell phone to a physical token inserted into a USB port. A two-step verification process is known as two-factor authentication.

How does two-factor authentication work?

The steps in multi-factor authentication usually require something that you know – your password – and something that you have – like your smartphone. (Advanced devices may require “something you are” – biometric data like a fingerprint, face or iris scan, or voice print.) Even if someone has cracked your password, they will not get any further unless they also have the other factor. For example, a company may send you a verification code by text message (SMS) and ask you to enter this code as part of the login process. In other cases you may be required to have a special authenticator app on your smartphone. You will either have to enter a password into this app to authorize a login, or the app will generate a second, one-time password (OTP) for you to use in the login process. In all cases, once you have entered the second password or code, your identity is verified and the login or transaction will continue. In most cases this password or code is only valid for a brief period of time, so if you don’t use it within that window, you’ll need to request a new one. This increases the security of the process by making it harder for a third party to use the code.

Why do I need 2FA?

Today data breaches cost an average of two trillion US dollars annually. And the personal costs of a hacked online account can be devastating – ranging from someone using your credit card to go on a shopping spree to wholesale identity theft  Experts report that weak, stolen or reused passwords are one of the primary causes of online security breaches. Phishing scams are a major concern: emails with links to fake websites can trick users into entering their passwords, after which cybercriminals can use these stolen login credentials to access the victim’s online accounts. Two-factor authentication provides protection against phishing and other password breaches by requiring a second form of validation after the password has been entered. If you always use unique, strong passwords for each online account, however, you may feel that this is enough to protect your accounts and decide against the extra step of 2FA.

How to activate two-factor authentication in your mail.com account

If you would like to give your mail.com email account additional protection beyond a strong password, you can turn on two-factor authentication. As long as 2FA remains activated, you will have to enter a six-digit, one-time password generated by an authentication app on your smartphone every time you log in to your account. Even if someone else knows your password, they will not be able to access your account without entering this code – and neither will you. Therefore, please keep in mind that you will always need your mobile device at hand to log in to mail.com in a web browser.
 
To activate 2FA, log in to your mail.com account and go to Home > My Account > Security Options. Scroll down to Two-factor authentication and click Activate two-factor authentication to launch the setup assistant. You will first see a checklist of everything you need for the 2FA activation process:
 
Screenshot of requirements for mail.com 2FA activation
Make sure you have these things handy before you set up two-factor authentication

 
Click Start setup now, enter your mail.com password, and then save your mobile phone number. A text message will be sent to this number with a confirmation code.
 
Now use the authenticator app installed on your smartphone to scan or copy the QR code that appears on the screen. Next, enter the 6-digit code shown in the app. Finally, your secret key will be shown. It is very important that you save and print this document because the secret key is necessary to restore access to your account if you have a problem with 2FA in the future.
 
Congratulations – Two-factor authentication has been activated! If you change your mind later and wish to deactivate it, simply go back to your Security Options and follow the instructions there.
 
We hope you found our 2FA explainer helpful! We look forward to your feedback below.
 
Images: 1&1 / Getty Images

16 people found this article helpful.

Related articles

What can I do if I have a problem with 2FA?

2FA? OTP? Why do I need an app for that?

Why can’t I sign in to my mail.com email account?