Think about how much information about yourself you have saved in your email account. We sign up for bank accounts, buy things online, and communicate with others using our email addresses.
Is your password is strong enough to keep the bad guys out from grabbing all this sensitive information? I like to think mine is, but I also know that if someone really wants to, that person can use cracking tools and other tricks to break in.
With two-factor authentication, at least, the attackers need more than just my password to get in. Username and passwords are "what you know." Two-factor authentication requires something else, such as a mobile device, hardware token, or a smart card for "something you have." Biometric data, such as fingerprints, for "something you are," is also an option.
Basically, if the attacker tries to log in to your account with your password from an unknown device or browser, that person would also need your mobile device or your fingerprints to succeed.
Google and Yahoo offer two-factor authentication for their web-based email services. If you use Yahoo Mail or Gmail, here is how to turn on this security feature.
Gmail
If you have a Google account, then login to your account and click on your name in the upper right corner of the screen. In the resulting menu dropdown, you can click on Account to access the account settings page. Under Security, there is an option for two-step verification. Click on Edit to start the sign-up process.
You follow the step-by-step process to associate a mobile number to your account. Whenever someone logs into your account from an unknown browser or device, Google sends a challenge code via SMS message to your mobile device. Without that code, Google will block the login attempt.
If you have an Android or iOS device, you can generate your own codes using the Google Authenticator app instead of waiting for the SMS message.
Yahoo Mail
If you have a Yahoo! account, log in to your account, click on your name in the upper right corner, and goto the Yahoo! Account Info page.
Look for the "second sign-in verification" option and follow the prompts to enter your mobile phone number. Yahoo will send a test message to your number via SMS, which you will enter to verify the process worked.
Hotmail/Outlook
Microsoft doesn't offer two-factor for email. It is working on a secure and easy way to strengthen your login, but we don't know what that is yet. If you use Xbox Live, Microsoft's online billing portal, or Sky Drive, you can enable two-factor for those services, though.
Two-factor authentication can be a pain for users since it slows you down. If you don't have your phone and you want to quickly check your mail from someone else's computer, you are out of luck. But isn't that layer of security worth the peace of mind that comes from knowing that attackers can't just hop in and out of your account?
While you are at it, check out the steps for protecting your Facebook account, too.
0 comments:
Post a Comment