Why I use 2-factor authentication for email — and you should, too

David Pollino
Posted by David Pollino
Security

Email is one of the most common targets for hackers into individuals’ and businesses’ computer systems. Some small business owners use personal email to conduct business, and even larger businesses sometimes mingle personal and business email.

Business man looking at his cell phone while sitting in front of his open laptop.So it’s important to protect your email account — for both your own benefit and the benefit of your company.

One easy step that I use to protect my personal email is called two-factor authentication or out-of-band authentication. Whenever my friends or business acquaintances ask about email security, I always recommend they use two-factor authentication. It is not failsafe, but it is an easy and effective means to help protect your email accounts against hackers.

Here is how two-factor authentication works:

1)   After you enter your email password on a new device, a verification code will be sent to your mobile phone via text, voice mail, or through a mobile app. You will have to enter that code to gain access to your email.

2)   Once you sign in on a device you can indicate if you want the authentication system to remember that device for a period of time. For example, you may not want to deal with the verification code every time you log into your email on your home computer or other personal device.

3)   Some applications do not support the use of two-factor authentication (such as your iPad or Mail applications), so you will want to set up application-specific passwords. These are generated by your email provider and can only be used for one application. If you lose a device or are infected with malware, you can revoke the password.

4)   No one will be able to gain access to your email from a device that has not been authenticated through the two-factor authentication or with an application password. If anyone, including you, tries to sign into your email from a device that has not been authenticated, that person will be asked for a verification code, which will be sent to your phone.

You can set up two-factor authentication in the settings area of your email account. For example, here is more information on how 2-step verification can protect for your Google account.

Two-factor authentication is a powerful tool to protect you against cybercriminals. If you have enabled two-factor authentication, a criminal who knows your email password cannot use that password on a device that has not been authenticated by you.

If your email is compromised you are more vulnerable to identity theft and financial fraud. It is not uncommon for hackers to take over a victim’s email and then request money from the victim’s friends or request wire transfers from the victim’s business.

Also, because email is frequently used to reset passwords for websites and online accounts, it is doubly important to protect your email account from hackers.

 

Reminder: All comments are moderated prior to publication and must follow our Community Guidelines.

  • Anonymous says:

    It’s unfortunate that so many online services today support two factor authentication, but so *few* banks. Some banks offer some lesser forms of two factor authentication (SMS), but I can find no bank that works with the most popular and vetted solution, Google Authenticator. If there was ever a bank that took security as seriously as Google, i’d switch in an instant.

    Reply | 5 years ago
  • Anonymous says:

    Ok BotW, it’s time! Please Support 2 factor Authentication with Google Authenticator.

    Reply | 5 years ago
  • Anonymous says:

    Yes, ironic that David works for Bank of the West and is promoting the value of two-factor authentication yet customers of Bank of the West can’t use it to log on to their banking accounts. There are lots of apps out there that would work fine or, heaven forbid, BOW could simply add two-factor authentication right into their app for iPhone/Droid.

    Reply | 4 years ago
    • David Pollino says:

      It’s great to hear that you’re a fan of enhanced authentication techniques. At Bank of the West we use many stepped-up authentication techniques on our sites, including challenge questions, out-of-band, and knowledge-based authentication. We continuously evaluate our layered security approach to identify opportunities to protect our customers. You should see enhancements to our site as time goes on.

      Reply | 4 years ago
  • Anonymous says:

    we do most of our banking online with bank of the west. Do you offer any type of two factor auth? If not, why, and when will you offer it? This article clearly shows that you think it is important, yet if you don’t offer it, why?

    Reply | 2 years ago
    • David Pollino says:

      Two-factor authentication is one of many enhanced authentication approaches. It’s still the case at Bank of the West that we use many stepped-up authentication techniques on our sites, including challenge questions, out-of-band, and knowledge-based authentication. We continuously evaluate our layered security approach to identify opportunities to protect our customers. If you have further questions regarding your account, I would encourage you to call 800-488-2265.

      Reply | 2 years ago

Submit an Idea

[contact-form-7 id="32" title="Share An Idea"]

You are leaving the Bank of the West Change Matters site. Please be aware: The website you are about to enter is not operated by Bank of the West. Bank of the West does not endorse the content of this website and makes no warranty as to the accuracy of content or functionality of this website. The privacy and security policies of the site may differ from those practiced by Bank of the West. To proceed to this website, click OK, or hit Cancel to remain on the Bank of the West Change Matters site.