
What is two-factor authentication and how do I set it up?

With two-factor authentication, you can increase the security of access to your Posteo account in the browser. Two-factor authentication can be activated in the settings of your Posteo account. This help article and the corresponding help video explain how it works and what exactly two-factor authentication does.

Once activated, Posteo will not only check your regular password at login. You will also need to enter a six-digit one-time password. Only then will you be granted access to your account. Your smartphone, tablet or computer computes this one-time password independently of our server. To do this, your device requires a key, which you will have saved in an app.

Example for Posteo's two factor authentication

If your regular password is somehow obtained by criminals or intelligence agencies, they will have no possibility to access your account via webmail and, for example, to manipulate your account and security settings.
Two-factor authentication prevents account theft: Without the second factor, unauthorised parties cannot access your account settings, change your password and lock you out of your account. For login, not only your password will be required, but also the current one-time password shown on your device. This changes every 30 seconds.

Tip: By activating additional email account protection, two-factor authentication also protects your emails against unauthorised access. Additional email account protection is suitable exclusively for webmail users, as it blocks access for email programs. You can find out how this works in "How do I activate additional email account protection?"

Video: Two-factor authentication at Posteo

In our help video we show you how simple it is to set up two-factor authentication. You will learn how two-factor authentication works, what you require and how two-factor authentication works on a day-to-day basis. After watching the video, you can set up two-factor authentication for your account using this help article.


Contents

  1. How does two-factor authentication work?
  2. Requirements for two-factor authentication
  3. How to activate two-factor authentication
  4. Security tips
  5. Adding multiple devices
  6. Related help articles

How does two-factor authentication work?

Two-factor authentication is comparable with multilevel security processes in the banking industry.

At an ATM, you can only withdraw cash if you know something (your PIN) and possess something (your ATM card). When two-factor authentication is activated, login at Posteo follows the same principle: you require something that only you know (your password) and something you possess. The thing you possess could be a smartphone, tablet, or another device such as a YubiKey. Importantly, you will need to have saved some information on the device first.

The login process occurs as usual. You simply enter the current one-time password in addition. The one-time password changes every 30 seconds and is automatically computed and shown by your device.

Requirements for two-factor authentication

For two-factor authentication you will require a Posteo account as well as a device on which to install a compatible app. In principle, you can use any app that uses the open standard TOTP. There are apps for all common operating systems:

If you do not possess an appropriate device, you could alternatively use special hardware, such as a YubiKey.
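How a TOTP app derives the six-digit code from the secret key and the current time, and how a server can check it, following the open standard (RFC 6238) with the SHA1 algorithm and 30-second period this article mentions. This is an added example, not Posteo's code; the key is the published RFC 6238 test secret rather than a real account key, and the tolerance of one period for clock drift in `verify` is an assumed policy.

```python
import base64
import hashlib
import hmac
import struct
import time

PERIOD = 30   # seconds each one-time password is valid (as stated in this article)
DIGITS = 6    # six-digit one-time password (as stated in this article)


def decode_key(key_b32: str) -> bytes:
    """Decode a manually entered key: base32, spaces and case ignored."""
    cleaned = key_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding that apps often strip
    return base64.b32decode(cleaned)


def totp(key: bytes, at: float, period: int = PERIOD, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP with HMAC-SHA1: an HOTP over the number of elapsed periods."""
    counter = struct.pack(">Q", int(at) // period)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(key: bytes, submitted: str, at: float, drift: int = 1) -> bool:
    """Server-side check accepting +/- `drift` periods of clock skew (assumed policy)."""
    ok = False
    for step in range(-drift, drift + 1):
        expected = totp(key, at + step * PERIOD)
        ok |= hmac.compare_digest(expected, submitted)  # constant-time comparison
    return ok


# Constructed sample key: the RFC 6238 test secret "12345678901234567890" in base32.
SAMPLE_KEY = decode_key("GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ")

if __name__ == "__main__":
    now = time.time()
    print("current code:", totp(SAMPLE_KEY, now))
    print("valid for another", PERIOD - int(now) % PERIOD, "seconds")
```

Because the code depends only on the key and the clock, any device holding the same key shows the same code, and anyone who copies the key can generate valid codes as well.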

How to activate two-factor authentication

For quick setup, use our visual instructions. Step-by-step instructions with explanations can be found below the image gallery.

  1. First, install a one-time password app on your device
    In the image you can see FreeOTP on an iPhone 4, for example.
  2. After installation, open the app
Setup two factor authentication: Install app
  3. Click Settings in the webmail interface
  4. Click My account
  5. Click Password and security
Setup two factor authentication - step 3 to 5: open settings
  6. Under “two-factor authentication”, enter your Posteo password
  7. Place a tick to confirm that you have installed a one-time password app
  8. Click the Activate two-factor authentication button
Setup two factor authentication - step 6 to 8: enter password
  9. Now transfer the secret key for two-factor authentication to your device. Simply take a photo of the QR code using the one-time password app.
    Alternatively, you can also enter the key manually (the string of characters above the QR code). Some apps only offer this method. In this case, please select the SHA1 algorithm.
Setup two factor authentication - step 9: scan QR code

Two-factor authentication is now set up on your device. The app will display a new one-time password every 30 seconds.

  10. To check that the transfer is correct, enter the current one-time password
  11. Lastly, click the Confirm activation button
Setup two factor authentication - step 10 to 11: enter one time password

Two-factor authentication is activated for your account.

Security tips

  • Make sure that access to your device is always secured as well as possible (e.g. with a PIN code). It also makes sense to activate device encryption, when possible. You should also install security updates regularly.
  • You can minimise the risk associated with losing a device by activating two-factor authentication on multiple devices. You could also copy the secret key and keep it in a safe place.
  • If you lose your device or delete the app, you will also lose access to your Posteo account! In this case, please contact our support team via support@posteo.de. You can also use our contact form. Our support team will endeavour to assist you.

Adding multiple devices

You should also set up the key on a second device, so that you don’t lose access to your Posteo account. To add another device, proceed as follows:

  1. Click Settings in the webmail interface
  2. Click My account
  3. Click Password and security
  4. In the “two-factor authentication” section under “Add another device”, enter the current one-time password and your Posteo password
  5. Confirm by clicking the Show secret key button
Two factor authentication: show secret key
  6. Now transfer the secret key for two-factor authentication to your device. Simply take a photo of the QR code using the one-time password app.
    Alternatively, you can also enter the key manually (the string of characters above the QR code). Some apps only offer this method. In this case, please select the SHA1 algorithm.
Setup two factor authentication - step 9: scan QR code