Multifactor Authentication on Email is Critical
Last Updated on December 18, 2020 by Bobby Niswonger
When we get right down to it, everything critical in our online lives is routed through our email accounts. Everything from our receipts to reports, to photos of our kids, end up in our email. So why do so many people feel safe using the same weak security that can be gotten through with phishing and sometimes even brute force? We are going to take a few minutes here and discuss: what multifactor authentication is, why it is a meaningful addition to your online security arsenal, as well as how simple it can be to set up.
When we log in to any website, it requires the use of a password; however, sometimes we may make these too easy to guess, or even worse, we could fall victim to a phishing scheme and accidentally give our password to someone with deliberate malicious intent. How can we prevent others from accessing our email with one simple extra step? You can thwart most attacks by enabling multifactor authentication, or MFA for short. It may sound complicated, but couldn’t be easier in most cases.
Getting Set Up
For most providers, the first step to setting up MFA is to enter a mobile phone number. Then the provider sends you a code via text message you enter on the site to verify you own it. After that every time you log in at the correct website it will ask you for the code.
Multifactor authentication may seem like a burden more than a benefit, but one important factor to keep in mind is that once you log in on a private device such as your phone or personal computer, you stay logged in until you deliberately log out. This way MFA doesn’t get in the way, but still works to keep your account safe.
To determine if your email provider supports MFA, check out twofactorauth.org.
Why to Use It
MFA makes it nearly impossible for a cybercriminal to access that service. If they try they run into a roadblock, they can’t verify the code without access to the phone. For example, with Gmail, if someone tries but fails to log in to your account, you typically get a notification from Google immediately letting you know of the blocked attempt, and its approximate location. From there you can either approve the request or change your password to keep your account safe.
There are some considerations such as: making sure to keep your phone number up to date, and letting your provider know as soon as possible if you lose your phone. With a little care and thought though, you can make sure your private online life stays just that.
Technician at Computer PRO Unltd, father of one, gamer.