Internet Street Smarts: Minimize email hacking with two-step verification

Don’t be intimidated by the title of this article!

Enabling two-step verification, also referred to as two-factor authentication, when offered as an option by your email service provider and increasingly at other digital-world-based services, can decrease the likelihood of nefarious entities being able to use your stolen credentials.

Analogous to how you are asked to provide two pieces of identification while queuing up at the TSA checkpoint before proceeding to your flight’s boarding gate, after enabling two-step authentication you will first be asked to type in your password when accessing your email account but password alone will not get you to your inbox.

The email system will ask you to provide the second piece of identification: an unique code. This unique code will be texted to your mobile phone, with an option to get a voice call instead, after successfully providing your password. The option also exists to remember your device you are using (computer/tablet/smartphone) so on subsequent accesses you can skip this second step.

But how will this prevent the nefarious entities from using your stolen credentials to gain access to your email account?

Without requiring the second piece of information, i.e. unique code sent to a “physical” mobile phone in your possession, a nefarious entity can gain access to your email account from anywhere in the world with just the stolen password. By requiring the second piece of information, the nefarious entity with the stolen password will also have to steal your mobile phone (to receive the unique code) or steal your previously-registered device.

Although stealing your physical device is possible and stealing the digital key on your physical device is possible under some circumstances (latter if you opted in for your service to remember your device), adding this extra step is a deterrent in itself until two-factor authentication becomes widely used at which point the cat-and-mouse game will continue to evolve.

Tak Sato

Business and technology strategist/consultant with 25 years of experience. Holds Bachelor of Science in Computer Information Science and MBA from Cleveland State University.

As founder of geek with a heart, "Hand-holding You in the Digital World", Tak helps Individuals, Seniors, Families, Small Businesses, Schools, and Non-Profits utilize appropriate technology in their personal and professional lives.

Read More on The Digital World
Volume 7, Issue 12, Posted 9:28 AM, 06.16.2015