Hopefully you already have a secure e-mail password. One that is at least 12 characters and doesn’t contain things that might be guessed by a hacker. Ideally some unrelated words and some numbers and or funny characters, but something you can remember. E.g. black44car*Raining
What you may not have is Multi Factor Authentication “MFA” enabled.
MFA is basically a secondary means of confirming your login. In most cases it is only used on an “unknown” device to save being bugged a lot, hence why a strong password is still essential. They go “hand in hand”.
So why do I say MFA is “essential” to e-mail?
Primarily because if a data breach happens to your e-mail provider, or your e-mail password is hacked (even if you think it’s secure), then you have basically opened the door to your entire identity.
The next time you go on a site and see the “forgot password” link under the login, think what would happen if a hacker had your e-mail account details?
Easy: he would be able to reset your password and gain access. And it is likely you wouldn’t ever know as he would hide his tracks. At most you’d think it strange that the password you thought didn’t work, and click the “forgot password” button yourself at a later date.
Just think of the sites a hacker could gain access to and what could be done by him…..
So enough of the melodrama, albeit potentially real melodrama; what can be done?
All major mail services now offer the option to enable MFA. It can range from a simple SMS to a USB token. For most users I recommend an app, and in particular “Authy”. When you attempt to login to a new device in addition to entering your password you will need to enter a code from Authy on your phone. And Authy requires a pin or fingerprint to access. Not foolproof, but very close to.
If you need help setting this up on your e-mail system, ZEN are always happy to assist with advice and/or remote help.
We’re also happy to discuss and/or provide more detail on the above, as this is by necessity only an introductory article.