Beefing up your Chambers Technology Support Email Security

Access to your Chambers Technology Support Email is secured by a logon ID and a password but ID's are easy to guess and there are various ways your password could be found out so to deal with possibility, an additional layer of security can be added to your Email account.  Here we explain what this is, why it is needed and how you can get started using it.

27 January 2017 Getting Started  E-mail, Microsoft Office, Security

Security - Article

The problem

Currently access to your Chambers Technology Support Email is secured by use of a logon ID (your Email address) and a password. As logon ID's are either known or simple to guess, the security of your account comes down to your password.

Whilst we always encourage you to have a secure password for your accounts, with so many different online services to keep track of, in addition to accessing them regularly, it is tempting to use shorter, simpler passwords.

Although Chambers Technology Support Email can be considered pretty secure from true hacking (trying to break into the programs and systems that run the Email), it isn't secure from password "cracking" tools or by tricking you into handing over your login details by using carefully constructed Emails and web sites.

The two-factor authentication solution

To deal with the problem of weaker passwords or passwords being given unknowingly an additional layer of security and be added to your Chambers Technology Support Email which is much harder to get around and this mechanism is called Two Factor Authentication – "2FA" for short.

Put simply, two factor authentication means access to "something" relies on a thing you know (in this your password) and a thing you physically have (in this case it will be your mobile phone). In order for you to access your account you must enter your password as usual and then enter a code which is sent as a text message to your phone (the code changes each time).

This additional layer of security means that even if someone has managed to get your password, they would also need your phone and that makes the job for hackers next to impossible.

We say next to impossible because there have been instances of hackers arranging to get a replacement SIM for a mobile phone service of someone they are targeting however these are exceptional, very rare and unless you have something worth a great deal should be considered unlikely in your case.

We can see then that adding 2FA to your Chambers Technology Support Email is a sensible improvement to make however there are a few things worth noting before you start using it.

Firstly, with 2FA applied to your account on you must have your mobile with you and it must have coverage in order to be able receive the code that will allow you to log in to Chambers Technology Support Email via the web.

Secondly, if you use Email applications on your computer, tablet or phone you will need to use app passwords as 2FA can’t be used in those circumstances.

App passwords

Email applications on your phone, tablet or computer make regular checks of your Email and having each prompt for a code on each action would make them unusable so "app passwords" are used. An app password is a randomly generated and very long password created specifically for use by one application.

Apart from the time you first set up the Email application you won’t know what that password is (so it can’t be given to someone else) and it is sufficiently long and random to make guessing it impossible. Even if the app password was acquired in some way it would still not allow overall control of your Email account (which is secure by your password and code logon). In addition, the Email service will associate with that app password characteristics about the requesting application and if a different application uses the same password this will probably be rejected.

One of the other advantages of App password is that they don’t expire so when it comes to changing your main logon account password, your apps do not need to be updated.

App passwords are an essential part of the 2FA process and being familiar with what they do and how to manage them will ensure you don’t run into difficulties when setting up new Email applications.

Getting started with Two Factor Authentication

Switching over to two factor authentication only takes a few minutes but it is important to be prepared and to make sure you do this when you have a bit of time to sort out your app passwords. You will also need to arrange a time with us to switch on 2FA on your account.

Setting up your additional security verification

To set up Two Factor Authentication

  1. Call us and ask for Two Factor authentication to be switched on for your Chambers Technology Support account.
  2. Once we have confirmed it is switched on, log into your Chambers Technology Support account through the Office 365 portal (or via the Chambers Technology Support Gateway).
     
    Office 365 Two Factor Authentication - Set it up now 
  3. You will be prompted to set up the additional security verification - click the Set it up now button.
  4. You will now need to provide the details of your mobile phone.  Select your country code , type your mobile phone number , choose the Send me a code by text message option and finally click the Contact me button.
     
    Office 365 Two Factor Authentication - How should we contact you 
  5. You should receive a verification code as a text message on your mobile phone within a few moments.
  6. Enter the code into box and click the Verify button .
     
    Office 365 Two Factor Authentication - Enter the verification code
     
  7. After a few moments you should move on to the next step - your app password.
  8. You will be given an initial app password - this could be used for Email on your phone for example. 
     
    Office 365 Two Factor Authentication - Your first app password
     
  9. If so, go to the account settings for your Chambers Technology Support Email account on your phone and replace the current password with the app password.
  10. You can now close the Additional verification page to continue into your Office portal.

You have now successfully set up additional security on your Chambers Technology Support Email account and whenever you log in to your account via the portal you will need to have your mobile phone with you to receive and verify the code that will be sent.

If you have other applications that also have your Chambers Technology Support Email you will need to create an app password for each of those and that is described in more detail below.

Generating App Passwords

For each application that you use to work with your Email you will need to generate an app password as follows:

  1. Sign into your Email via the Web Portal.
  2. Click your name (top right) and from the menu choose View Account .
  3. Click the Security & Privacy  option on the left-hand side.
  4. Under the Additional security verification option, click the Update your phone numbers used for account security link
     
    Office 365 Two Factor Authentication - Update your phone numbers 
  5. Click the app passwords tab and then click the create  button to generate a new app password.
     
    Office 365 Two Factor Authentication - App Passwords 
  6. Type a name that you can use to identify your app password over others and click Next .
     
    Office 365 Two Factor Authentication - Create App Password 
  7. Your app password will be shown on the screen.
     
    Office 365 Two Factor Authentication - Your new app password 
  8. To keep things secure, don’t make a note of this password – if you need to set up the Email application again, simply create a new app password (and delete the old one).
  9. You will now need to enter that password into the appropriate place in the account settings for the Email application.
  10. And that is it, click close to return to your app passwords page and repeat this process for any other Email applications you use.
  11. Note the option to bookmark this page (see below) - we recommend you do this as finding the page again can be a bit of challenge!
     
    Office 365 Two Factor Authentication - Your app passwords

Note that you cannot go back and see what the app passwords are. If you need to set up Email again on the device or application you will need to create a new app password (and for good house-keeping, delete the old one).

Further Information

If you would like some further information on the additional security (Two Factor Authentication) mechanism, the following links provide more details.  The first link should also take you directly to the App passwords manage page for your Office 365 account.

Frequently Asked Questions

Would need a text message password each and every time I logged-on?

You would only need the text message whenever you log on to your Email using a Web Browser.  If you are checking your Email through an application (e.g. Outlook on a PC or the Mail app on your phone) then no as these will be using app passwords.

What happens if I don't have my phone with me or don't have mobile coverage?

If you don't have your phone with you and you only have one phone set up to receive your verification code you will not be able to sign in to your Chambers Technology Support Email via the web however Email will continue to work in applications (e.g. Outlook) that are configured with app passwords.

If you are likely not to have mobile coverage you should look at the other authentication options that are available (see below).

Are there other authentication options?

Yes and it is recommended you set up more than one authentication method.  You can set up an additional phone to receive the text message on, or an office phone that can be called with the code. You can also install an App which generates the verification code and avoids the need to receive text messages and so have mobile coverage all the time.  For further details on the options see Use Azure Authenticator with Office 365 (Microsoft).

Tags  365 email factor office security two

Corrections or suggestions

Secure USB Flash Drive

Kingston DataTraveler Locker+ 16GB USB Flash Drive

Kingston DataTraveler Locker+ G2

Secure USB Hard Drive

Western Digital MyPassport 1TB USB Drive

Western Digital MyPassport 1TB