There are certain settings you can implement to prevent your email from being hacked. However, this one setting, if left disabled, can make a hacker’s day—while ruining yours.
A Password Isn’t Enough: How MFA Protects You From Hackers
Believe it or not, passwords are the bane of the internet. Memorable passwords that an average person might use on their account aren’t very secure, and secure passwords tend not to be memorable. This leaves us in a situation where most passwords you’d use daily, such as the one to your email inbox, aren’t very secure.
tete_escape/Shutterstock
With computers becoming faster, brute-forcing such passwords wouldn’t be a significant problem. Hackers often conduct research on their targets, which makes the guessing game easier. Account passwords are also often leaked in data breaches, and since people tend to use the same passwords across online accounts, this puts multiple accounts at risk from a single leak.
We can’t eliminate passwords entirely. However, they’re not the most secure means of authentication either and require additional verification. This is where Multi-Factor Authentication (MFA) comes into play. Usually, MFA works by sending a one-time password (OTP) code to another account or device that you own. Authenticator apps can generate these codes and are better protected against SIM-swapping attacks, while SMS 2FA is popular but not considered as secure.
Related
Don’t Click That! 4 Innocent Email Habits Hackers Use Against You
Your routine email habits might be putting your security at risk.
It’s essentially locking your account with multiple “factors.” In most cases, these factors are “something you know,” such as your password, and “something you have,” like your phone, which receives or generates the OTP codes. This is called two-factor authentication or 2FA and is the most popular form of MFA you’ll come across on the internet.
Having to enter a secondary code during sign-in that only you have access to significantly decreases the risk if a hacker acquires your password. Regardless of whether they skimmed your password from a data leak or a phishing attack, they’ll still require the OTP. These codes are much harder to obtain unless hackers have physical access to your phone.
How to Enable MFA on Your Email Account
Most email services have either mandated MFA or will often prompt you to set it up. The steps to enable MFA vary based on what email provider you’re using, but you’ll generally find MFA settings tucked away under your account’s security and privacy settings.
We’ve covered how to secure your Gmail, Outlook, and other accounts with 2FA before, but here’s a quick rundown for enabling it on some of the most popular email services.
Gmail
Enabling 2FA on Gmail is a simple matter of updating your Google account settings.
- Head to your Google Account, sign in, and click the Security tab.
- Scroll down and click 2-Step Verification. You may be prompted to sign in again.
- Select the sign-in option that best suits your needs.
While Google can send you OTPs via SMS, we recommend you install Google Authenticator to generate OTPs locally on your device. It’s available on both Android and iOS and can work for other services as well.
Outlook.com
You can also set up 2FA protect on Outlook.com. Note that this is different from your desktop Outlook client.
- Visit your Microsoft account page then head to Security.
- Select the Two-step Verification option, then select Turn on two-step verification, and hit Next to proceed.
- From here, you can set up an authenticator app to work with Outlook.com.
Other 2FA methods are set using your email account and the phone number linked to your account.
Proton Mail
Follow these steps to enable 2FA on Proton Mail.
- Head over to your Proton Mail dashboard, sign in, and click the Account and Password tab.
- Under Two-factor authentication, enable the Authenticator app slider.
- You’ll be shown a QR code. Scan it with Google Authenticator to enable 2FA.
We have more online accounts than ever, which means our potential for exposure is higher than ever before. With data breaches taking place all the time, taking a moment to protect your account with multi-factor authentication is a quick and easy way to add some extra protection to your accounts.
