1. Home
  2. HIPAA
  3. HIPAA Secure Email
  4. Two-Step Verification – Hushmail

Two-Step Verification – Hushmail

With two-step verification (also known as “two-factor authentication”), you add an extra layer of security to your account in the form of a second login step.

It prevents unauthorized access to your Hushmail account by using a two-stage process to authenticate your identity when a login is attempted from a new (unrecognized) device.

The first step is to sign in using your email address and passphrase, and the second step is entering a verification code that that will be sent by text message to your mobile phone, or by email to an alternate email address.

You can also obtain a verification code using a smartphone app like Google Authenticator:

How Do I Turn Two-Step Verification On?

1. Sign in to your Hushmail account.

2. Go to the Preferences page by clicking the menu in the upper right corner, as shown here:

3. Select the Security tab and click the pencil icon to set two-step verification to On, as shown here:

4. Click Continue and follow the on-screen instructions.


I’ve enabled Two-Step Verification for my Hushmail account. Now what?

The first time you sign in to your account after turning two-step verification on, you will be asked to enter a verification code, which will be sent via your method of choice. Once you enter the code, the device will be registered. Be mindful of the device you use, as it will now be a trusted device and in the future you will only use your passphrase to sign in when using that device. Any time you sign in from a device that isn’t trusted, you will be prompted to enter a new verification code to register that device, so that we recognize it in the future.

What if I don’t have my phone with me and/or I can’t access my alternate email address to receive the verification code?

When you turn on two-step verification, you also receive a backup verification code. It is very important that you keep this code in a safe place. You can use this backup verification code to gain access to your Hushmail account in case you have no means of receiving your verification code through your mobile phone or your alternate email address.

If you haven’t written down your backup verification code yet, you can find it again by going to the Security tab within the Preferences page, as described here: Hushmail Setup with Two-Step Verification

We strongly recommend keep your backup code safe and accessible, because if you ever lose access to your passphrase, your trusted devices, access to your alternate email address and to your backup verification code, you will be locked out of your Hushmail account without this backup code.

How can I turn two-step verification off?

If you no longer want to use two-step verification, go back to the Security tab on the Preferences page and select the pencil icon in the Two-step verification field and select Off from the drop-down menu.

Once you do this, your list of trusted devices will be deleted and if you ever turn two-step verification again, you will have to register your devices again.


Updated on April 29, 2019

Was this article helpful?

Related Articles