Advice Request 2 Factor Authentication for Email Access - Worth it or too Complicated?

Do you like 2FA for your Email Accounts?

  • Yes I like 2FA plus a strong password

    Votes: 21 87.5%
  • No I might prefer only a strong password because 2FA is too complicated

    Votes: 3 12.5%
  • No because I am using Hardware Authentication

    Votes: 0 0.0%

  • Total voters
    24
  • Poll closed.
Status
Not open for further replies.

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
Google and Microsoft for example, often suggest that people activate and use 2FA, along with a strong password for their Email account access.

I have read that use of 2FA can be used via SMS text or by downloading an authenticator app to your smartphone for example.

In addition, I have seen a hardware device that looks like a USB drive called a Yubikey that is supposedly more secure but I do not know much more about it as it has to be purchased.

That being said, do you just prefer strong passwords or like to supplement your access with 2FA or other type of device?

I should add that it has been mentioned that some Email Clients like Thunderbird, do not support 2FA yet, so you would have to select a supposedly less secure application specific password if 2FA is activated, and you want desktop access to your web mails.
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
2FA makes sure that even if your passwords are compromised in a leak, your accounts would remain relatively safe.
 

Lightning_Brian

Level 15
Verified
Top Poster
Content Creator
Sep 1, 2017
742
Great question @SearchLight !

I'd recommend it for all accounts! I think 2FA should be standard... Then again I may be considered a security "nut"! haha

Who else thinks 2FA should be standard? I cannot be the only one who thinks this I hope! I'm happy you recommend it as well @upnorth !

Couldn't have said it better myself @Atlas147 ! It's better to have another means of ensuring all is a'ok!

Now what is the best 2FA? I use Google Authentication. Looking for something different though.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
The Google Authenticator app, which can be used with Outlook, too, imo is much better to use for the challenge question than an SMS which could be intercepted ota.

But then again, nothing is 100% failsafe. Just like smart browsing, using strong passwords plus 2FA like a good lock you use on your doors, should make a strong deterrent to discourage info thieves to consider looking elsewhere.

If I am missing something that is stronger or better, please chime in:).
 

509322

Google and Microsoft for example, often suggest that people activate and use 2FA, along with a strong password for their Email account access.

I have read that use of 2FA can be used via SMS text or by downloading an authenticator app to your smartphone for example.

In addition, I have seen a hardware device that looks like a USB drive called a Yubikey that is supposedly more secure but I do not know much more about it as it has to be purchased.

That being said, do you just prefer strong passwords or like to supplement your access with 2FA or other type of device?

I should add that it has been mentioned that some Email Clients like Thunderbird, do not support 2FA yet, so you would have to select a supposedly less secure application specific password if 2FA is activated, and you want desktop access to your web mails.

2FA on your Microsoft Account creates a bit of a nightmare.

Some apps you cannot login unless you know how to get the one-time password. And there is no proper step-by-step, how-to documentation. For example, if you configure 2FA in your Microsoft Account and attempt to install Microsoft Office onto another system and use Outlook, you have to use a one-time password to set it up. Microsoft doesn't tell anyone any of this. The person has to figure it out as they go along.

The whole 2FA is convoluted, poorly documented and it is difficult for people to get accurate, reliable help when things go wrong.

Since most people spend so much time in their email accounts - with a lot of in and out of the account, 2FA is nothing but a major hassle.

Microsoft and its atrocious documentation practices...
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
2FA on your Microsoft Account creates a bit of a nightmare.

Some apps you cannot login unless you know how to get the one-time password. And there is no proper step-by-step, how-to documentation. For example, if you configure 2FA in your Microsoft Account and attempt to install Microsoft Office onto another system and use Outlook, you have to use a one-time password to set it up. Microsoft doesn't tell anyone any of this. The person has to figure it out as they go along.

The whole 2FA is convoluted, poorly documented and it is difficult for people to get accurate, reliable help when things go wrong.

Since most people spend so much time in their email accounts - with a lot of in and out of the account, 2FA is nothing but a major hassle.

Microsoft and its atrocious documentation practices...

Appreciate your viewpoint but you did not say whether you use 2FA yourself. That said, for novices it is not recommended?
 

509322

Appreciate your viewpoint but you did not say whether you use 2FA yourself. That said, for novices it is not recommended?

I used it for my Microsoft Account, but the inconvenience is just too great for me.

I use 2FA for financial and other sensitive accounts.

If your email account is cracked you can always shut it down and get a new one. If your sensitive accounts are cracked then all your money can be stolen and non-recoverable. Even with safe practices your data can be stolen from 3rd party systems and your financial accounts can be compromised. There is nothing you can do about the lack of security on 3rd party systems except not to open accounts and share infos in the first place.
 

RmG152

Level 12
Verified
Jan 22, 2014
577
Great question @SearchLight !

I'd recommend it for all accounts! I think 2FA should be standard... Then again I may be considered a security "nut"! haha

Who else thinks 2FA should be standard? I cannot be the only one who thinks this I hope! I'm happy you recommend it as well @upnorth !

Couldn't have said it better myself @Atlas147 ! It's better to have another means of ensuring all is a'ok!

Now what is the best 2FA? I use Google Authentication. Looking for something different though.

I think the same, 2FA should be standard.

If you use Google auth, I recommend https://play.google.com/store/apps/details?id=com.mufri.authenticatorplus

This app fixes the device dependency issues of Google auth.
 

509322

I think the same, 2FA should be standard.

If you use Google auth, I recommend https://play.google.com/store/apps/details?id=com.mufri.authenticatorplus

This app fixes the device dependency issues of Google auth.

2FA is standard, but it is the user's right to opt in or out.

The increased security comes at a major cost sometimes. For example, enable 2FA or authenticator on an investment\trading account. Watch what happens when, for whatever reason, you cannot authenticate and you are locked out of your trading account for days. Within minutes your assets can decrease 20% or more, but you cannot do anything to access them - not even a phone call to support. You are locked out until support resets everything. And that takes a minimum of 3 business days.
 

RejZoR

Level 15
Verified
Top Poster
Well-known
Nov 26, 2016
699
Yes. 2FA, once you get the hang of it, is not an inconvenience, but it greatly secures accounts. It is especially important for the main e-mail that you use to log in to services. If you lose it, anyone can reset passwords and you also get locked out of all of them, which is a huge problem. Keep just your main e-mail secured and you've already done 3/4 of the work. As for 2FA itself, even if mail gets leaked, 2FA can't because someone needs to go to the length of spoofing your phone and using it to get access to your code generation. Which is very unlikely.
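
Added example, not part of any poster's message: authenticator apps such as Google Authenticator generate their codes with TOTP (RFC 6238), and this sketch shows that a code depends only on the secret stored on the phone and the current time. That is why a leaked password alone does not yield valid codes, and why the "device dependency" mentioned earlier in the thread goes away only if the secret was backed up. The secret is the RFC test key, and `verify` with its one-step drift window and `restored_phone_matches` are illustrative names and an assumed server policy.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample secret (the RFC 6238 test key), as an app would store it.
SECRET_B32 = base64.b32encode(b"12345678901234567890").decode()

def _decode(secret_b32: str) -> bytes:
    """Accept secrets as users type them: spaces, lowercase, no padding."""
    s = secret_b32.replace(" ", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))

def totp(secret_b32: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 code: HMAC-SHA1 over the 30-second time counter."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(_decode(secret_b32), counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret_b32, submitted, unix_time, step=30, window=1) -> bool:
    """Server side (assumed policy): accept the current step +/- `window`."""
    ok = False
    for drift in range(-window, window + 1):
        t = max(0, unix_time + drift * step)
        ok |= hmac.compare_digest(totp(secret_b32, t, step), submitted)
    return ok

def restored_phone_matches(backup_b32: str, unix_time: int) -> bool:
    """A new phone given the backed-up secret produces the same code."""
    return totp(backup_b32, unix_time) == totp(SECRET_B32, unix_time)

if __name__ == "__main__":
    now = 59  # constructed timestamp taken from the RFC test vectors
    code = totp(SECRET_B32, now)
    print("code on old phone:", code)
    print("accepted 30 s later:", verify(SECRET_B32, code, now + 30))
    print("accepted 90 s later:", verify(SECRET_B32, code, now + 90))
    print("new phone with backup:", restored_phone_matches(SECRET_B32.lower(), now))
```

The password never enters the calculation, so the secret shown at enrolment (the QR code) is the thing to back up before a phone is replaced.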
 

samit

Level 12
Verified
Nov 4, 2011
830
For me, 2FA is really convenient. Especially with Microsoft Authenticator, I can log in to my Microsoft account without entering a password by authorizing my login with the Microsoft Authenticator app. I think every company should start to implement passwordless login by authorizing the account with either a hardware or software authenticator. This will be really helpful in protecting user accounts from being compromised. However, it might be complicated for an average user, but it is up to every company to have proper documentation to help average users.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
The Google Authenticator app, which can be used with Outlook, too, imo is much better to use for the challenge question than an SMS which could be intercepted ota.

Use Microsoft Authenticator.

LastPass Authenticator is another good one if you have a LastPass account, and value your online accounts; sensitive data or not. You are responsible for your account's security.

If you don't care about having a compromised password, then don't use one. If you cannot handle the extra step, disable it. It's all simple.
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
Too many friends with busted phones... and their google authenticator keys don't transfer to the new account... so on their knees to google to restore access and prove who they are.

One of the authentication questions... what day did you open your google account? Yea... sure... we all know that.
 

itchy

Level 1
Aug 1, 2018
4
2FA is a no brainer for me. I even bought a Yubikey and have it on every account that accepts U2F. Now after I enter my credentials I just press a button and I'm logged in :cool:
 