How to protect your Yahoo account with two-step verification (2SV)

Strengthen your online accounts by enabling 2SV.

David bisson
David Bisson
@
@DMBisson

How to protect your Yahoo! account with two-step verification (2SV)

In recent articles I’ve shown you how you can protect some of your email accounts with two-step verification (2SV).

We’ve covered how you can receive verification codes when signing into your Apple and Google accounts, and I’ve even reviewed how you can implement 2SV with the Google Authenticator app.

But what if you have additional email addresses? Can you protect your other web-based accounts, as well?

Sign up to our free newsletter.
Security news, advice, and tips.

The answer is yes… as long as that provider gives you the option of doing so.

Fortunately, given the digital threats confronting users today, many services do. Let’s review one such web-based email service provider: Yahoo!

In this guide, I will show you how you can protect your Yahoo! account with two-step verification.

1. Sign into your Yahoo! account.

2. On your account home page, you will find some of the personal information you have shared with Yahoo!, including your name and gender.

To the left, you will find a purple sidebar with several clickable options. Click on the “Account security” option, which is located directly below “Personal info.”

Yahoo 2sv 1

3. Yahoo! will ask you to reenter your password in order to view your account security settings. Do so and click on the “Next” button.

4. Your account security page is where you can go to change your Yahoo! password and add recovery emails/phone numbers.

It is also where you can go to activate two-step verification. At the bottom of the page, you will see “Two-step verification” with a clickable switch. Click the switch to turn 2SV on.

Yahoo 2sv 2

5. To enable 2SV, Yahoo! will prompt you to enter in a phone number with which you would like to enable 2SV. Enter in your phone number and confirm whether you would like to receive a verification code via SMS or call. (NOTE: That preference is not permanent and applies to this activation process only.)

Yahoo 2sv 3

6. If you entered your number correctly, Yahoo! will send a verification code to your mobile number via SMS or call. Enter in the code and click the “Verify” button.

Yahoo 2sv 4

7. Congratulations! You’re all set!

Yahoo! will display a “Success” dialog box and will also provide you with the option to reconnect certain mobile apps by creating unique app passwords. We’re going to skip that process.

Yahoo 2sv 5

8. On your “Account security” page, you will see that the Two-step verification option is now switched to On. Below that feature, you will also see that you can generate an app password to reconnect certain applications like iPhone mail, Outlook, and others if you choose to do so in the future.

Yahoo 2sv 6

Now every time you sign into your account, you will be directed to this page after entering in your username and password.

Yahoo 2sv 7

Specify by which option you would like to receive a verification code. That will lead you to this next page.

Yahoo 2sv 8

Enter in the code, and you will be directed to your account home page.

I strongly recommend enabling two-step verification and (even better) two-factor authentication on your different online accounts when it’s available. It’s a great method of strengthening your online security and privacy, by making life harder for the hackers.

Read more:


David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

5 comments on “How to protect your Yahoo account with two-step verification (2SV)”

  1. Monica Dumone

    My main fear with this is that over the years I have built up some trash yahoo mail addresses to use when I am in unsafe places or on Holiday and I'm having to use a common computer or worried about getting tracked or spammed on my main Email address. Some of the two pass authentication systems tie you down to one phone number per account. (Not all) I'm not sure about Yahoos policy. But I can see the day when they start locking you into two pass authentication and you could lose an account or need to have a spare mobile/ number and all the issues that can cause. I wonder do yahoo trap each email to a specific mobile number? (Also, I can be a little outspoken on certain subjects that I would rather speak on anonymously and not tracked to my personal mobile phone!)

  2. Stéphane Lord

    I completly agree with Monica on this!

  3. John Adam

    Thank You David for the yahoo security tip.
    But I would like to share something on online security and it will also cover yahoo or gmail or any other online activity.
    I am small business owner based in Huston and I am using VPN for my business online security.

  4. Dread

    so…if your account gets hacked again, THEY NOW HAVE YOUR PHONE NUMBER!

  5. hughw

    It seems irresponsible not to mention that sending SMS as the second step, as Yahoo does, is extremely insecure. The NIST has advised this method be retired. Recently, thieves abused SMS 2FA to drain bank accounts worldwide: https://arstechnica.com/security/2017/05/thieves-drain-2fa-protected-bank-accounts-by-abusing-ss7-routing-protocol/

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.