Is an authenticator app better than SMS for email 2FA?

Yes. Authenticator apps are more secure—SMS can be intercepted via SIM swapping. Use an app when the provider supports it; enable SMS if it is the only option.'

What happens if I lose my phone with the authenticator?

Use your backup codes to log in, then set up 2FA again on a new device. Store backup codes in a safe physical location.'

Which email providers support 2FA?

Gmail, Outlook, Yahoo, iCloud, and most major providers support 2FA. Check the security or sign-in section of your account settings.'

Search guides

Set up two-factor authentication for email

We'll set up 2FA on your email using an authenticator app or SMS—and save backup codes so you never get locked out.

Category: How-to · Security basics
Time: 10–15 min
Last reviewed: Mar 7, 2026

What you'll need

Smartphone with authenticator app or phone for SMS
Access to your email account

At a glance

Install an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) or use SMS.
Open your email account security settings and find two-step verification or 2FA.
Scan the QR code or enter the setup key to link the app.
Save backup codes in a secure place in case you lose your phone.

Quick triage — pick your path

Get started

Choose the option that matches what you see. You can jump straight to that section.

Follow this guide Work through the full procedure.
Gmail You use Gmail.
Outlook You use Outlook or Microsoft 365.
Save backup codes You have enabled 2FA and need to save the codes.

Steps

Goal: Enable 2FA on your email so it is protected even if the password is stolen.

Install an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) or plan to use SMS.
Open your email account and go to Security or Sign-in settings.
Good: You see the 2FA option. Proceed to Gmail, Outlook, or the equivalent for your provider.

Gmail

Goal: Enable 2FA on Gmail.

Google Account, Security, How you sign in to Google, 2-Step Verification, Get started. Choose Authenticator app or Phone. Scan the QR code or enter the setup key. Enter the verification code. Save backup codes.
Good: 2FA is on. Proceed to Verification.

Outlook

Goal: Enable 2FA on Outlook or Microsoft 365.

account.microsoft.com, Security, Advanced security options, Two-step verification, Turn on. Choose Authenticator app or Phone. Scan the QR code or enter the key. Enter the code. Save backup codes.
Good: 2FA is on. Proceed to Verification.

Backup codes

Goal: Save backup codes so you can log in if you lose your phone.

Copy or print the backup codes. Store them in a safe place. Do not store them only on the same device as your email.
Good: Codes are saved. Proceed to Verification.

Verification

2FA is enabled in your email account security settings.
Logging out and back in prompts for the six-digit code.
Backup codes are saved in a secure location.

When to get help

If you lose your phone and do not have backup codes, use the account recovery process for your provider. For broader 2FA setup (banking, social), see Enable two-factor authentication.

Reviewed by Blackbox Atlas

Frequently asked questions

Is an authenticator app better than SMS for email 2FA?: Yes. Authenticator apps are more secure—SMS can be intercepted via SIM swapping. Use an app when the provider supports it; enable SMS if it is the only option.'
What happens if I lose my phone with the authenticator?: Use your backup codes to log in, then set up 2FA again on a new device. Store backup codes in a safe physical location.'
Which email providers support 2FA?: Gmail, Outlook, Yahoo, iCloud, and most major providers support 2FA. Check the security or sign-in section of your account settings.'

Rate this guide

Was this helpful?