Getting started

How to activate two-factor authentication on a Gandi SOGo email account

A bank of nine mailboxes arrange in a square and mounted on a wall with one mailbox open in which there are two envelopes stacked on top of one another, on a purple background

Two-factor authentication (2FA) is an increasingly relevant topic. It provides an extra layer of security to any online account by requiring a second means of verifying your identity when logging in to an account via a separate device: a kind of password for your password. When you activate 2FA on your Gandi email account, you’ll have to provide, in addition to a password, an extra code generated by an application (usually on your smartphone) to access your email account.

Improve the protection of your email communications

No one is completely safe from account hijacking. In the digital age, and with all the personal data disseminated online, it is strongly recommended in order to strengthen the security of email account logins. It’s possible to secure your login to any Gandi email address using 2FA (two-factor authentication) when you use SOGo or Roundcube.

Activate 2FA on SOGo

We walk you through how to activate 2FA on SOGo in this video:

Host your email address with Gandi

Gandi provides a “personal” email service with each domain name registered with us, called “GandiMail.” For each domain name registered with Gandi, you get 2 “standard” email accounts with 3 GB of storage each. You can purchase additional email accounts as needed: Standard email mailboxes have 3 GB of storage while Premium have 50 GB each.

Video script

Hello everyone, and welcome to Gandi’s YouTube channel!

Today, we’ll be showing you

how to set up two-factor authentication on SOGo.

Don’t forget—every domain name registered at Gandi

comes with two free custom email addresses with 3 GB of storage.

To start off, log in to your Gandi account,

then go to the “Domain” tab.

From your active domains,

choose the domain name linked to your email address.

Then go to the “Email” tab.

Click the email address you want to activate

two-factor authentication on.

Once you’re on your email address management page,

click on “Go to webmail,” then on “Use SOGo.”

Enter your login credentials for SOGo,

not to be confused with your Gandi account login.

Once you’re logged in to your SOGo account,

click the gear icon in the upper left.

Then check the “Enable two-factor authentication using Google Authenticator” box.

A QR code will then automatically appear on your screen

once you check the box.

You’ll have to scan this code with the authenticator app

installed on your smartphone.

Here, we’re using Google Authenticator.

Once you’ve scanned the QR code, a one-time timed code will be generated

every 30 seconds in your mobile app.

Be careful, though. Once you’ve decided to

activate 2FA on SOGo, you’ll need to enter this

code in order to be able to log in again.

So be sure to verify that

you have scanned the code with your TOTP app

before logging out.

Once you have scanned the QR code with your TOTP app,

go back to the SOGo interface

and click the Disk icon to save

your two-factor authentication activation.

And that’s it! You’ve activated two-factor authentication

with SOGo.

To further secure your acount,

navigate to the email interface in your Gandi account.

Once you’re on your email address page,

click on “Go to webmail.”

But this time, click on

“Manage mailbox settings.”

On this page, you’ll see a summary

of the level of security of your email account

as well as recommendations to

further secure your email account.

We recommend you set up a recovery email address.

If you lose your SOGo login details,

they can be sent to your recovery address.

To set up this recovery email,

scroll down the page to the

“Account Recovery methods,” section.

Then enter the email that you

want to use as your recovery

address for your SOGo email account,

then click “Save.”

You will then receive a notification

to validate your recovery address

by clicking on the link within 24 hours.

Go to the recovery email account and click the link

in the email that you will have received.

If you don’t find it, wait a few seconds,

and check your Spam folder if necessary.

By following the link, you will be asked

to re-enter your email account password

Then click “Confirm.”

Your recovery email address will then be set up.

Finally, go back to the “Account recovery methods,”

where we will also configure your recovery codes.

In the “Recovery codes,” section,

enter your Gandi email account password

and click on “Generate recovery codes.”

Your recovery codes will then appear.

It’s important to save these in

a safe place so that no one

other than you can use them to gain access.

You can, for example, save them in

a password manager or in a

password-protected file.

They should be accessible enough in case you need them.

And there you have it. You’ve now set up two-factor authentication

on your custom SOGo email account.

It’s that easy.

At Gandi, we’ll help you manage

the security of all your services.

Don’t forget to like this video and leave us a comment

if this was useful and of course,

subscribe to our YouTube channel,

so you don’t miss our next video!