Two-Step Authentication

When enabled for a domain by the System Administrator, Two-Step Authentication adds an extra layer of protection to your SmarterMail account. It ensures that only YOU can access your account, even if someone knows your password.

When your account is protected with Two-Step Authentication, logging into webmail requires two methods of authentication: your SmarterMail account password and a verification code that's only available to you. This code can be generated from an app, like the Google or Microsoft Authenticator apps available for iOS and Android, or delivered via a recovery password that's set up for your account. In addition, if you access email using a mobile or desktop email client, such as Microsoft Outlook or Apple Mail, you will need to use "application passwords" when setting up those accounts. (If the account is already set up in an email client, you'll need to re-log in using an application password after Two-Step Authentication is set up.)

Once you click the Enable button, you'll walk through the process of setting up Two-Step Authentication. The steps you walk through depend on which type of authentication you select: Authentication App or Recovery Address. Regardless, the fields you'll see are as follows:

• Verification Methods - This is where you select the type of additional verification you want to use: Authenticator App ( g, Google or Microsoft Authenticator) or Recovery Address. Regardless of which method you choose, you'll have to supply a Recovery Email Address. This is necessary even when using an Authenticator App for instances where issues occur with the app, such as the inability to scan a QR code, that may require an authentication code to be emailed to you.
• Recovery Email Address - This is an alternative email address, different than the one you're using, that can receive authentication codes. If you already have one set for your account, it will be displayed However, you can change it to a separate address if you so desire. You will have to re-enter this address to confirm it on the next line.
• Verification Code - If using the Authenticator App method, you'll be asked to scan a QR code with the app you want to use for authentication, then enter the code displayed by the If you're using Recovery Email Address, you'll need to enter the verification code that was emailed to that address.

Setting Up Two-Step Using a Recovery Email Address

Using a Recovery Email Address means that each time you log in to webmail, a verification code will be sent to the Recovery Email Address you specify. You then enter that code on the SmarterMail login screen for your account, prior to being able to access webmail. To get started with using Two-Step with a recovery address, do the following:.

1. Select Recovery Email Address from the Verification Methods
2. Enter and confirm the Recovery Email Address that will be used to retrieve the verification code. (This email address will automatically be used as the Recovery Email Address used for resetting your account password as )
3. Click
4. Wait a moment for the verification code to be sent to that address, then enter the 6-digit code once it's received.
5. Click Check to confirm the verification code and complete the Two-Step Authentication setup.

Setting Up Two-Step Using an Authenticator App

Using an Authenticator App, such as Microsoft Authenticator, means that each time you log in to webmail, you'll retrieve the verification code from your authenticator app of choice. You then enter that code on the SmarterMail login screen for your account, prior to being able to access webmail. To get started using an Authenticator for Two-Step, do the following:

1. Install an authenticator app, such as Google

 (https://support.google.com/accounts/answer/1066447?hl=en&ref_topic=2954345) or Microsoft (https://www.microsoft.com/en-us/account/authenticator) Authenticator, on your phone or computer. (In this article, we'll demonstrate how to set up Two-Step Authentication using Google Authenticator on your mobile device.)

2. Select Authenticator App from the Verification Methods
3. Enter and confirm a Recovery Email Address that will be used as an alternative method to retrieve the verification code. If your authenticator app is not accessible, the verification code will be sent to this address instead. (This email address will automatically be used as the Recovery Email Address used for resetting your account password as well.)
4. Click A QR code will appear on the next page.
5. Open the Google Authenticator Click "BEGIN SETUP" if you aren't already using it for other accounts, or use the plus ( +) icon to add a new token.

6. Select Scan QR Code to use your phone's camera to scan the code that's displayed in A new token will be added to Google Authenticator.
7. Enter the token's 6-digit code into
8. (If you can't scan the QR code, click on "Can't scan the QR code?" in SmarterMail. In the Authenticator app, choose to create a new token by Manual entry. In the Account field, enter a token descriptor, such as the username of your account. In the Key field, type in the secret key that's displayed in SmarterMail. Then enter the token's 6-digit code into )
9. Click Check to confirm the verification code and complete the Two-Step Authentication setup.

Logging in with 2-Step

To log in to SmarterMail, enter your email address and password. Then enter the 6- digit verification code that's sent to your recovery email address or the token that's displayed in the authenticator app.

Configure Third-party Applications with App Passwords

Note that once 2-Step Authentication is set up for your account, you will also need to re-configure any third-party applications or email clients using the "application passwords" that are automatically generated and displayed on the Two-Step Authentication card in your Account settings. Several passwords are provided based on the protocol-type being used. For example, an EAS password would be used for any mobile email client. Passwords can be used multiple times, in multiple clients.

They can also be reset/refreshed. Be sure to use the correct password for the corresponding protocol.

Regardless of which method you use, having Two-Step Authentication set for your account is a great way to keep your email communication protected.