Secure webmails with 2FA
How to activate 2FA on your Gandi email account
It is possible to secure access to any email address with the 2FA option (two-factor authentication or TOTP) when you use one of Gandi's two webmails, Roundcube or SOGo.
You can check the current security status of your email account and manage security preferences on the Gandi Webmail Security Settings page:
https://webmail.gandi.net/settings/login
Two-factor authentication can only be used on Gandi webmails.
Email clients such as Thunderbird or Outlook are not supported.
You are free to allow access to local email clients, such as Thunderbird, but the only method to secure access to your mailbox with double authentication is to deactivate these local clients.
What is two-factor authentication?
Two-factor authentication or 2FA refers to the security practice requiring two verification methods to validate your identification. When you activate 2FA on your Gandi Mail account, you will need to provide the password and an additional code generated by an application (usually on your mobile phone) to access the mailbox.
What is the security check?
When you go to the Gandi Webmail Security Settings page
https://webmail.gandi.net/settings/login
you can see a level ranging from 0 to 3 indicating the security level of your mailbox. To achieve maximum protection:
Create a strong password for your email box. You probably already completed this step when you created your email address. If the password is not complex enough, you can create a new password via the “Change Password” section further down the page. If needed:
http://passwordsgenerator.net/
Enable 2FA on both webmails SOGo and Roundcube.
Links to access Webmails are provided on the Security Settings page. Disable access to POP, IMAP and SMTP protocols. This step will prevent you from accessing your mailbox via an email client like Thunderbird or Outlook. These protocols cannot be secured with double authentication, so deactivating them is the only method to properly secure your mailbox with 2FA.
https://docs.gandi.net/en/gandimail/sogo_webmail/enable_2fa.html
https://docs.gandi.net/en/gandimail/roundcube_webmail/enable_2fa.html
Important: Recovery codes are provided on the Managing Webmail Security page:
https://webmail.gandi.net/settings/login