Why use two-step verification?
Published on June 14, 2018
You might be aware that Hushmail offers two-step verification as an option for further securing your email. However, you might not have fully considered whether or not this is for you. Who should be using two-step verification and why?
The answer to that question is anyone who wants to ensure the greatest security possible for their communications. The reason for this is simple. As organized and careful as we are, very little in our lives is 100 percent secure. For example, ideally you have memorized your Hushmail passphrase and there is no physical or digital record that someone could steal. However, because Hushmail provides extra security by not giving out or allowing you to reset forgotten passphrases, most likely you have a record of your passphrase, either written down on paper or stored on your computer. There are numerous ways, ranging from computer theft to an office break in, by which someone might obtain your passphrase and access your account without permission. Two-step verification is an added block that helps prevent such an event from occurring.
How does it work?
The concept of two-step verification is simple. When signing in to your account from an unknown computer or device, you are required to verify your identity in two different ways. The first way is with your passphrase. The second way is to verify with a security code that is sent to a second device, such as your phone, or another email account. You can also choose to receive the code through a smartphone app such as Duo Mobile or Google Authenticator. Once you enter the code, the device or computer will be “trusted” and further security codes will not be necessary to access your account.
What if you don’t have your phone or access to a second email?
If, for whatever reason, you aren’t able to access your security code when you need it for two-step verification, we also provide you with a backup verification code. This code is much longer than the security code we send you through your phone or email. Also, we only give out one of the backups each time you set up two-step verification, so be sure to write it down or take a screen capture and keep in a safe place.
If you are unable to access the security code and have lost the backup verification code, you can always go back into your account through a trusted device and find the backup under the Security tab within the Preferences page.
If you use a community computer, browse in private
It’s important to be mindful of the device you use. If you are using a computer that has multiple users and you don’t want it to be a trusted device, you might want to use the browser in private mode such as Incognito in Chrome, Private Browsing in Firefox, InPrivate browsing in IE, etc.
Two-step verification works with Hushmail for iPhone
If you have two-step verification turned on and also use the Hushmail for iPhone app, you will be required to authenticate with your passphrase and security code any time you switch to a new iPhone.
If you’re using Outlook, Mac Mail, or other email software
If you are using POP or IMAP to access your email account you will need to update your password in your email software to match the secret passphrase that’s given to you after you set up two-step verification.
Try two-step verification for greater peace of mind
If you would like to try two-step verification, setup is simple:
- Sign in to your Hushmail account
- Go to the Preferences page by clicking the link in the upper right corner
- Select the Security tab
- To get started, click on the pencil icon to turn it on
- Follow the on-screen instructions
Don't have an account?
Sign up for Hushmail Premium or Hushmail Business today.