Two factor authentication list

[lpn]

The two factor authentication list twofactorauth.org has an email section that lists some of the commonly used email providers.

If some of your email providers are not listed, submit a pull request on their github repository to be included in the list.

If some of them don't support 2FA, click on the provided link corresponding to the providers in question (as I did for gmx.com) to post a tweet asking them to implement it.

[usf]

thanks,nice info

[mark73]

I am skeptical about 2FA for email services such as IMAP,POP and SMTP protocols

[lpn]

Quote:

Originally Posted by mark73

I am skeptical about 2FA for email services such as IMAP,POP and SMTP protocols

The main point of 2FA, at least for me, is the ability to prevent changes of important account settings, e.g the main password or as an account recovery option. You are right, though -- 2FA doesn't work easily or reliably with these protocols; one may need separate passwords if the provider supports this.

[lpn]

No love for 2FA, this is strange.

[17pm]

There's definitely love for two factor authentication.

Sadly my e-mail provider doesn't support it.. I'll stick with them for 1 more year, if they don't support it until then, I'll need to look for alternatives, which there aren't many, sadly.

2FA is an absolute must in today's internet.

[webecedarian]

I'm getting to the point of being skeptical about anything requiring more identification. Reminds me of the contemptible way Outlook is trying to collect more information.

[beeboy]

It all depends on what your needs are. I, absolutely, need 2FA on my business email account.

I would not pay for a service that did not offer it.

[B4its2L8]

You could check out the link provided by the OP in this thread. In the page linked to, scroll down to the section on "email." That may be the most up-to-date list?

[17pm]

I'm looking to change e-mail provider and I absolutely require 2FA.

Sadly, 2FA is still something very rare, which I find really weird ://

If anyone knows about email providers that support 2FA and that are not presented in OP's link, please let me know!

[ReuvenNY]

The two threads in question are now merged.

[pjwalsh]

There are hardware 2FA options available for FastMail, mailbox.org, and now Google accounts. These are a durable, no-battery, physical USB key, which generates a unique one-time passcode* as the second factor authenticating you to your account. You register your key with the service in question. They fit nicely on a keyring and are more secure than verification codes, and don't require a cell phone and wireless signal.

The computer sees the USB key as an HID device, like a keyboard, so they can be used at any computer with a USB port. After you enter your base password in the browser you just touch the gold circle on the inserted USB key, the unique OTP is generated and transmitted, you are authenticated and logged in.

The Yubico YubiKey can be used with FastMail and mailbox.org. YubiKeys are $25 USD, available through Yubico and on Amazon**. Mailbox.org issues their own YubiKey for $35 euro.

The new FIDO U2F Universal Second Factor protocol, implemented on a U2F Security Key, can now be used for Google accounts with the Chrome browser. This is a very recent development, announced October 21 on the Google security blog. Chrome 38+ is required. The Yubico FIDO U2F Security Key is available on Amazon and Yubico for $18 USD, and user comments are very positive. FIDO U2F authentication is destined to become widely adopted. One U2F Security Key can be used for multiple accounts (distinct key pairs).

The YubiKey can be used with LastPass, KeePass and other password managers. It can be used with any modern browser. With the YubiKey there are two 'slots' you can use, one for the dynamic OTP function, the second slot can be configured for a long static password, OATH, or Challenge-Response.

For detail see Yubico's pages on the YubiKey, the U2F Security Key, and the YubiKey VIP (can also authenticate to PayPal and eBay).

I've used a YubiKey with FastMail and Clavid for over 3 years. It's tough, compact, convenient, and has been flawless in operation.

A couple differences between the two implementations. The U2F Security Key will not transmit (prompt) before it has verified you are on a legitimate, registered site. And with the YubiKey, you first set up a YubiKey-specific alternative password on your FastMail account, that is the base password you enter in the browser before the OTP is triggered. With Google's U2F you are using your regular Google account password in the browser.

--
FastMail 2FA options (YubiKey and Google Authenticator), and SMS OTP
Google U2F Security Key support

* FIDO U2F uses public key cryptography

** YubiKey and U2F Security Key available on Amazon US, CA, UK, ES, IT, DE, FR. Quick links at Yubico.

[17pm]

CounterMail (https://countermail.com/) seems to be a good e-mail provider that supports 2FA. Sadly, they're crazy expensive for me!!!

I can't find a good (and not crazy expensive) e-mail provider!

[pjwalsh]

Quote:

Originally Posted by 17pm

I can't find a good (and not crazy expensive) e-mail provider!

20 bucks a year is crazy expensive?

[kangas]

LuxSci also supports 2FA for its web interface. You can use any of these options:

1. token sent to you via text

2. token sent to an external email address

3. DueSecure.com integration (their accounts are free up to 10 users) which provides a wide array of options from pone apps to calls to hardware tokens.... including options for administrators if their users get locked out and reporting.

Quote:

Originally Posted by 17pm

Hello,

I'm looking for e-mail providers that support two-factor-authentication.

FastMail seems to be the only premium provider that supports 2FA?


EDIT: Forgot about RiseUp, Hushmail and Mailbox.org.. Not really interested in any of those though ://