Skip to main content
User AccessHigh priority

Set up two-factor authentication on your email

Add two-factor authentication (2FA) to your email account so a password alone is not enough to get in.

Why this matters

Your email is the master key to your online accounts — if someone gets into it, they can reset every other password. 2FA stops this even if your password is stolen.

How to do it

  1. Gmail: 1. Go to myaccount.google.com → Security → 2-Step Verification
  2. Follow the setup steps — use an authenticator app (better than SMS)
  3. Outlook: 1. Go to account.microsoft.com → Security → Advanced security options
  4. Turn on two-step verification
  5. Also enable 2FA on iCloud, social media, and your bank if possible

Cyber Essentials framework

This task falls under the User Accesscontrol — one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment.

Track your full security score — free

Create a free account to check off tasks, see your Security Score, and build toward Cyber Essentials alignment.

Start your free security check