FastMail - How to turn on Multi Factor Authentication (MFA)

Discussion in 'FastMail' started by popowich, Nov 14, 2014.

  1. popowich

    popowich EQ Forum Admin Staff Member

    Aug 12, 2008
    Likes Received:

    FastMail offers a variety of multi-factor authentication (MFA) authentication options.

    There is a downside. At this time, MFA can only be enabled for alternate logins. MFA can not be associated with your primary FastMail username and password.

    FastMail intends for these alternate logins to be used when you are logging into your account from a computer or network that you don't trust such as a public wireless network.

    To create an alternate login go to your Advanced Settings and click Alternate Logins:

    FastMail Advanced.JPG FastMail Alternative Logins.JPG

    Next, complete the form, including selecting your MFA option such as Google Authenticator.

    FastMail Alternative Login Google Authenticator.JPG

    When done, click the button at the bottom of the screen to Create Alternative Login.

    If you selected Google Authenticator you'll be prompted with a white page that includes the Google Authenticator setup directions.

    To use the alternate login, go to the FastMail login screen and click More:

    FastMail MFA Login.JPG FastMail MFA Login - Google Authenticator.JPG

    To login using your alternate login you'll need these three pieces of information:

    • Your FastMail email address
    • The Base Password created for your alternate login (not the master password)
    • Your second auth code such as the six digits from Google Authenticator.

  2. foggy

    foggy Valued Member

    Oct 23, 2010
    Likes Received:
    Just so readers are aware, FM's 2FA works slightly differently. As I understand it, whereas other services (like Gmail) employ 2FA so that one cannot log in to an account using only the master password without also inputting the second factor (e.g. code sent to phone), with FM one may still log in to the account using the master password alone. Their 2FA is truly an "alternative" login, since the main login method (the single, master password) will still be valid without a second factor. FM suggests using a very long & complex password as the master password and then using a shorter one that's easier to remember for use as part of their version of 2FA.

    This, to me, doesn't seem quite as secure as the 2FA provided by other services (e.g. Gmail, Outlook) where one must have a code entered separately (in addition to the master password) to log in.

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.