With data breaches becoming more and more common — like those at Equifax (2017) or Yahoo (2013) — it’s getting easier for hackers to break into your email and use it as a stepping off point for identity theft or other mischief.
The best — and nearly foolproof — way to protect your email accounts from being accessed by unauthorized persons is to set up two-factor authentication.
This can also be called multi-factor authentication or two-step verification.
Normally, in order to log in to your email, you need one thing: your password. When you set up two-factor, you will sometimes need a second thing: usually your smartphone.
Here’s how it works:
Set up two-factor authentication following the instructions that correspond to your email service (gmail, yahoo, etc.) by providing your cell phone number. The process will also provide some emergency codes that you can use in case you have no access to your phone, you have no signal, no battery life, etc.
Attempt to login to your email from your computer or other device. It will send a code or other signal to your phone, depending on how it was set up. You will either confirm directly on your phone or enter the code on the login screen on your computer or device. This will let you login.
The next time you login with the same device, it will know that it’s you. That is, you won’t need to confirm every time you login, as long as you use the same device, so it isn’t an inconvenient as it sounds.
If someone (including you) logs in on a different device such as a new phone, a computer at the library or halfway around the world, it will prompt you again through your phone since it will not recognize that new device. You will need to confirm.
This process prevents a hacker from accessing your account because they won’t have your phone or the codes provided.
It is recommended that your phone have an access code or other security so that, even if you lose your phone, unauthorized parties cannot use it to verify your email access.
If you have a Gmail account, you can set up 2-factor authentication as follows:
Login to your Gmail account
Click your name or image at the upper right
Click the Google Account button
On the next screen, click the Security link on the left
Scroll down a bit and click 2-step Verification
Click Get Started
Follow the steps on the screen
From the two-step verification screen, you can also turn on Google Prompt so that you won’t actually need to type in the codes.
You can also view 10 backup codes that you can store in your wallet or elsewhere as explained above.
To turn on two-step in Yahoo:
Click your name or image at the upper right.
Click Account Info.
Click Account Security on the left.
Look for Two-step verification. Click the slider to turn it on, then fill in your phone number and complete the process.
Logging in with two-factor is a bit more work but worth the peace of mind to know your account is safe.
Carol Sabbar is director of computer services at Carthage College. Email her at email@example.com