Post

How to Keep Your Email Account Secure

Posted
By Toti Stefansson
2 min read
How to Keep Your Email Account Secure

How to Keep Your Email Account Secure with Two-Factor Authentication and More

Your email account is the key to your digital life. If someone gains access to it, they can reset passwords on other websites, read personal messages, and even steal your identity. Here are the essential steps to secure your email.

1. Use a Strong Password

  • Choose a password that is at least 12 characters long.
  • Use a mix of uppercase letters, lowercase letters, numbers, and special characters.
  • Never reuse the same password across multiple sites.
  • Consider using a password manager like Bitwarden, 1Password, or KeePass to generate and store strong passwords.

2. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security on top of your password. Even if someone obtains your password, they also need access to the second factor to log in.

Types of Two-Factor Authentication

  • Authenticator apps (recommended): Apps like Google Authenticator, Microsoft Authenticator, or Authy generate temporary codes that change every 30 seconds.
  • Security keys (most secure): Hardware keys like YubiKey or Google Titan provide the strongest protection against phishing.
  • SMS codes (better than nothing): Codes sent via text message are better than nothing but vulnerable to SIM-swapping attacks.

How to Enable 2FA

  • Gmail: Go to Settings → Security → 2-Step Verification → Get Started.
  • Outlook: Go to Account Settings → Security → Two-Step Verification.
  • Yahoo: Go to Account Security → Two-Step Verification.

3. Watch Out for Phishing

  • Never click on links in emails you weren’t expecting.
  • Check the sender’s address carefully — scammers often use addresses similar to well-known companies.
  • When in doubt, go directly to the website in your browser instead of clicking a link.
  • Look for spelling errors and unusual wording that may indicate a scam.

4. Monitor Your Login Activity

Most email providers offer the ability to review recent login activity. Regularly check whether any unfamiliar logins have occurred.

  • In Gmail, you can click “Last account activity” at the bottom of the inbox page.
  • If you see suspicious activity, change your password immediately and sign out of all devices.

5. Keep Your Software Updated

  • Update your operating system, browser, and email client regularly.
  • Updates often contain security patches that close known vulnerabilities.

6. Use Encrypted Email if Needed

If you send sensitive information, consider using an encrypted email service like ProtonMail or Tutanota, which offer end-to-end encryption.

Summary

Email security is about combining many small steps:

  1. A strong and unique password
  2. Two-factor authentication (preferably with an authenticator app or security key)
  3. Vigilance against phishing
  4. Regular monitoring of login activity
  5. Up-to-date software

With these measures, you’ll be much better equipped to protect your email account against attacks.

This post is licensed under CC BY 4.0 by the author.