Harden your Mailfence account

Mailfence offers a secure and private email suite, and all user accounts are protected through standard security and privacy measures (check our high-level security analysis for more information). However, as with any other digital system, we are engaged in a race against the cyber pirates, and unfortunately the weakest link in the security chain is people. That’s why you must take the steps we describe in this post to strengthen your Mailfence account.

Use a unique and strong password

Using a strong password is a common piece of advice, but unfortunately, many of us still make mistakes when setting our passwords.

It takes less than 1 second for a hacker to crack the password “qazwsxedc”, and of course it will take even less time to guess a simpler password such as “111111”. This is all the more annoying because reports still find compromised passwords to be one of the leading contributors to successful attacks.

That’s why it’s crucial to harden your Mailfence account with a strong and unique password or, even better, a passphrase, e.g., a random sequence of words forming a sentence that is easy to remember (check our tips to create one).

Do you realize that the password you set for Mailfence is not strong enough to protect your account? Take these steps to modify it:

In your Mailfence account, you can change your account password by going into your account Settings -> Account -> Security: Password.


Enable Two-factor authentication (2FA)

Two-factor authentication (2FA) hardens your Mailfence account by adding an extra step of security (in addition to the password).

This additional step is designed to confirm that you are the actual Mailfence account user, by asking you a question about something only you know, such as a password or a PIN code, or requesting you to type a code you would have received in a text message, or through an authenticator app on your mobile phone. Alternatively, you could also be asked to provide your fingerprints on touch devices.

To set up 2FA to harden your Mailfence account, follow this step:

Go into your account Settings -> Account -> Security: Two-factor authentication.


You will also need to install a Time-based One-Time Password (TOTP) application on your smartphone. It generates a TOTP code calculated with a formula that uses the current time, which is why the code changes after a short period of time.

Do not forget to generate backup codes, which will allow you to regain access to your account in case you lose access to your TOTP app. You will find a detailed guide in this KB article.

Disable access to services which are not in use

Mailfence offers a variety of non-web services that can be accessed through external clients. But these are all possible entry points for intruders who might try to break into your accounts to steal your personal data.

That’s why it’s important to review them regularly to disable the ones you don’t use any more. This way, you will make them inaccessible to these intruders.

To disable any of these services which are not in use anymore, follow this step:

Go into your account Settings -> Account -> Security: Services access.


You will also be asked to take this step after enabling 2FA if all of your non-web services are enabled.

This option will not appear if you have already managed (enabled/disabled) your account’s non-web services.

This will harden your Mailfence account by reducing its attack surface. Consequently, any connection attempt using a service that is disabled will be refused.

Use service specific passwords to strengthen your Mailfence account

If you are using any non-web service, i.e., SMTP, IMAP, POP, EAS, xDAV, Instant messaging for groups, then it is highly recommended to access it using a password different from the one you use for web access to your account.

This is the next logical step that you should take after enabling 2FA for web access to harden your Mailfence account. You’ll extend the level of security on other/non-web services which are in use.

However, we also recommend that you generate and use service specific passwords even if you do not enable 2FA.

To do so, follow these steps:

Go to your account Settings -> Account -> Security: Services access (section) -> click on ‘Generate a specific password for this service’.


Click on ‘Generate’.

Make sure to use/copy the generated password.
It will NOT be displayed again.

From this point onward, the selected service WILL NOT be accessible using your account (web) password.

You can stop using a service specific password at any time by clicking on ‘Revoke’ [Settings -> Account -> Security: Services access (section)].


Take necessary measures for Groups

Mailfence offers group functionality for collaboration among different users.

The following are some measures that you can take to strengthen the security and privacy of your Group:

  1. Since you can also use Group functionality to make the most of your subscription quota, make sure you do not add group members you did not intend to add.
  2. Please be aware that in a shared mailbox, all of your sender address(es) will be visible (including alias sender addresses) to Group members with whom you have shared your mailbox. This feature should be used in trusted circles only.
  3. Make sure not to expose your calendar events unintentionally to group members. Visibility can be managed for each calendar event by following the steps here (-> Visibility: Choose ‘Invisible’).
  4. Depending on your requirements, make sure to set access rights for group tools i.e., documents, calendars, contacts to the minimum.
  5. To avoid exposing your Presence in Group chat, you can always set your status to ‘Offline’.

Additional tips to harden your Mailfence account

  • Keep an eye on your last web connection details by clicking on the Mailfence logo at the top-left corner in your Mailfence account. Then check the Account section (in the right column). Any unidentified information here (e.g., suspicious date & timestamp and/or IP address & country) can indicate a possible compromise.
  • To avoid any tracking and other related issues, we recommend that you set your emails reading/viewing mode to ‘Text only’ (Settings -> Messages -> General: Display mode).
  • Please be aware that your account First/Last name (provided at registration time) is used as a Display name for all sender addresses (including alias addresses). Your name also appears as the owner name of files that you own (visible to other group members). You can always change your account First/Last name or an alias address display name by going into your account Settings -> Account -> Personal data -> Edit.
  • Please be aware that your account username is visible in public page URLs (i.e., document public page, calendar public page). In case you would prefer to change your account username, please contact our support.

In addition to all these measures to strengthen your Mailfence account, we encourage you to follow good data security and privacy practices.

Not a Mailfence account user yet?

Mailfence is a secure and private email suite with a calendar with polls and groups management, a chat service, contact management software and a document storage and management tool. To protect your account against unwanted intrusions and breaches, it uses end-to-end encryption, digital signatures and 2FA.

Even if all this seems very technical, the suite is very easy to use, and very quickly you’ll not be able to do without these tools, and you’ll even wonder how you could live without them for so long!

Want to give it a try? Check out our free plan now!

– Mailfence Team


M Salman Nadeem

Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem
