Make Your Email Hacker Proof

It's only a matter of time until your email gets hacked. Don't believe me? Just read this harrowing cautionary tale.

This is a companion discussion topic for the original blog entry at:

I did this last year and I haven’t looked back. Logging in on a school computer is a bit of a hassle, but the increased security is definitely worth it.

It seems like a pain but it is easy as pie. Unless my daughters are playing Angry Birds on my phone when I get prompted for the code…

I did this a while back and it is not that big a hassle. Though when Gmail for iPhone was released, it was a little bit of a pain. Everytime it asked for the verification code, I opened the Google Authenticator app to copy the code. When I switched back to Gmail app, it would reset and I had to enter the email id and password again, by that time though the code would expire. But I guess Google fixed it and I haven’t switched back.

Has anyone got this working with iCal on OSX? Even with a generated app password, authentication fails.

The upside is that once you enable this, your email becomes extremely secure, to the point that you can (and I regularly do) email yourself highly sensitive data like passwords and logins to other sites you visit so you can easily retrieve them later.

Please don’t say this.

Email itself isn’t secure. Unless you’re encrypting the contents or it’s going over https all the time, emailing passwords is a really bad idea.

What if you don’t have a cell phone?

Unless you’re encrypting the contents or it’s going over https all the time, emailing passwords is a really bad idea.

GMail is https always by default and has been since Jan 2010.

Funny, I never noticed this option before. I just enabled it, thanks for the tip!

There’s also an app (for Android, at least) that provides authenticator codes. That way you don’t need cell reception to get a text message.

I have used it since it became available and it has worked great!
And I try to market it as much as I can to friends and family and
everyone I meet in anyway I can! Like sending this post to anyone
I know with a GMail account.

GMail is https always by default and has been since Jan 2010.

Doesn’t the https only protect the connection to the website from WiFi hackers (so they can’t get your password)?

Unless I’m mistaken, this won’t protect the contents of your emails are this is still sent unencrypted, right? So you shouldn’t be sending confidential information over email, even if it’s to yourself.

You should also consider using google authenticator (if you can) and get a account, and use it to multifactor both, then no more mailing yourself passwords, and you secure both.

Sorry, but I’m not going to pay T-Mobile fifteen cents every time I want to check my email.

@Jeremy Young, all traffic is encrypted over https.

Note in gmail, opening this panel is a bit different. click on the gear, then settings -> “Accounts and Import” -> “Other Google Account Settings”

I’ve been using 2-factor auth for more than a year, and it’s easier than I originally thought. Safer than otherwise, very reliable, relatively painless…

What is great is that there’s a PAM module of Google Authenticator as well, so you can add another layer to your own Linux servers. Very useful. Here’s a good tutorial:

I like your blog in general, but this post was disappointing.

First of all, people who actually give a **** about their security will not give their cell phone number to google, and would have nuked their gmail account years ago. Nor will they have a cell phone with a GPS that’s constantly broadcasting their location like a little tracking device.

Secondly, they’ll probably run their own mail server, and have a nice long 20 char password, and some nice strict logging / banning policies.

Thirdly, anything they send over the wire that’s important will be encrypted.

Any of the above would have been boring boilerplate we already knew, but it still would have been better advice to your readers than to hand your cell phone and/or personal details over to Google. Seriously, if having your gmail account compromised would cause you to lose control of your bank account, then your problems are not going to be solved by two-factor authentication. You need to rethink your approach to personal security entirely.

So 2-factor auth is nice and all, and not particularly hard to use.

However, can you explain to me why it’s better than using a strong password?

Let’s say:

  • My password for my email is $p+p9Dv5"L][&Y#Oq>$E (hint: it’s not, but it’s like that)
  • Each password I use is different and I store them in a secure password manager (it sounds like in your anecdote the person used the same insecure password everywhere, and hackers got it through some random forum hack or something)
  • I don’t use password hints (one way to disable them would be to put massive random strings)
  • I don’t give out my password over the net, or install malware etc

Where is the danger?

In terms of insecurity, I think the weakest link is that my email is permanently connected on my phone, so if I lost my phone and someone bypassed my pin they could access all of my email.

And 2 factor authentication does nothing to solve that.

@Axlotl, Jeremy Young refers to the transfer of email through SMTP from mail server to mail server, not the actual retrieval of messages from the Google web interface to your browser.

Everything is usually sent unencrypted, unless you are using S/MIME, or PGP-encrypt the body of your message.

Oh, additionally, when you use something like gmail bruteforcing isn’t really an option, since it will do things like lock you out after a few tries, correct?

Which means, while we’re being overly silly, your email password could be “lolcats”, and as long as you don’t use it anywhere else (so hackers can’t find it by analysing a stolen user passwords DB) and your email service allows only a few tries before locking the account*, and you don’t give it out or post it on comments to a popular blog, you could be fine.

*We’re ignoring hackers playing the slow game, trying a few passwords every 24hrs so they don’t trigger the lockout.