Two-factor authentication
The term two-factor authentication, often abbreviated to 2FA, refers to an additional layer of security when logging in.
Instead of logging in with just one password, you need two different factors.
This makes it much more difficult for attackers to gain access to an account, even if the password has been compromised.
There are three types of factors, of which at least two must be combined for two-factor authentication:
- Something you know, e.g. password, PIN, security question
- Something you have, e.g. smartphone, hardware token, SMS code
- Something you are: biometrics (e.g. fingerprint, facial recognition)
Types of 2FA supported by mail.co.uk
- App codes (TOTP): Time-based one-time codes in apps such as Google Authenticator, Authy or Microsoft Authenticator.
- Hardware keys (U2F / FIDO2): USB/NFC devices such as YubiKey – particularly secure.
- Passkeys: Normally a password alternative; at mail.co.uk they serve as a second factor for even more security.
The advantage of 2FA is significantly higher protection against account theft: even if a password has been compromised, for example through a successful phishing attack, the attacker cannot access an account protected by a second factor without also having that second factor.
These clear advantages come with a disadvantage: logging in becomes a little less convenient, as there is an additional step during login. This can be easily mitigated by using a password manager.
You should also ensure that you have backup codes available so that you can still access your account if you lose your hardware key or mobile device. You can also set up an additional second factor so that you can still access your account in an emergency. This has the added advantage that you can disable the lost factor without compromising your account security.