Protecting Your Yahoo Mail With 2-Step Authentication

Keep your personal information safe with two levels of security

by Heinz Tschabitscher
A former freelance contributor who has reviewed hundreds of email programs and services since 1997.
Updated September 30, 2019

Two-factor authentication (2FA), also called two-step authentication, is a security protocol that requires two methods to gain access to an application or program. For example, when logging into your bank, a username and password may not be enough. You may also be prompted to identify a picture, that you chose previously, to prove that you are who you claim to be.

This extra layer of security is for your protection, and with two-step authentication, two layers of security can also protect your Yahoo Mail account from suspicious login attempts.

1:08

Protecting Your Yahoo! Mail with 2-Step Authentication

How Secure Is Your Email at Yahoo?

Your Yahoo Mail account is only as secure as your password for it. Yahoo checks the password when somebody attempts to log in to an account; it also looks at the location and computer from where the attempt is made. If one looks suspicious (for example, you log in from a device you never used before), it can require more than the password, but only if two-step authentication is enabled.

When two-step authentication is enabled, a second detail is required to log in. This is either a code sent to your cellphone or answers to one or more security questions. The security questions can be turned off so that only mobile phone verification is required. Your Yahoo Mail account is then as secure as your password and access to your mobile phone.

For a similar degree of security, Yahoo Mail also offers Access Key log-on using a mobile app.

Protect Your Yahoo Mail Account with 2-Step Authentication

To add a second layer of authentication for suspicious log-in attempts, log in to your Yahoo Mail account, then:

  1. In the upper-right corner, select your Account icon.

    A Yahoo Mail inbox with the Account icon highlighted

  2. Select Account Info.

    A Yahoo Mail inbox with the Account Info button highlighted

  3. Select Account Security.

    Yahoo Mail account info page with the Account Security tab highlighted

  4. Turn on the Two-step verification toggle switch.

    If Yahoo Account Key is enabled (like for Flickr), turn it off. Account Key isn't compatible with two-step verification.

    Account Security page for a Yahoo Mail account with the switch for Two-step verification highlighted

  5. When prompted, enter a mobile number. Then, choose either Send SMS or Call me to receive an authentication code.

    When entering your mobile number, leave out any non-numerical characters. For example, enter 1234561234 rather than 123-456-1234 or (123) 456-1234.

    Mobile number and text/call buttons to set up two-factor verification in Yahoo Mail

  6. Depending on the method you chose, you'll receive a text or phone call with the verification code. Type the code into the dialog box that appeared onscreen after you chose the method of contact, then select Verify.

    Enable two-step verification window in Yahoo Mail with the Verify button highlighted

  7. If the numbers match, a success dialog box appears with options to Create app passwords for apps that don't recognize or use two-step authentication. Or, choose Skip for now to skip this process.

    Two-step authentication will not apply to Yahoo Mail accessed using POP, mobile devices, or IMAP. For these, create application-specific passwords.

    Two-factor verification success screen on Yahoo Mail with

  8. From now on, you'll be prompted for an authentication code when logging in.