For the third day of the 12 Days of 2FA, we’ll look at how to enable two-factor authentication (2FA) on Yahoo. After Yahoo disclosed the largest known data breach in the history of the Internet in September, 500 million compromised users have been advised to change their passwords and update the answers to their security questions. On top of these common-sense steps, 2FA is an easy, powerful defense in the face of large-scale, password-stealing hacks.

The Yahoo hack is only one recent example among countless data breaches and leaks. While data breaches may compromise your password and other information eventually, it is harder for them to affect a second factor of verification that you physically have in your possession, like your mobile phone. If your email password is the information that is compromised without 2FA enabled, then it can give an attacker the ability to reset and access almost any of your other online accounts.

This makes email a great place to start for 2FA beginners and experts alike. See below for steps to enable 2FA on your Yahoo account.

Mouse over your name in the upper right-hand corner and click “Account Info.”

On the left-hand bar, choose “Account security.” Move the toggle by “Two-step verification” to the right to start set-up.

Enter your mobile phone number. You’ll need to be able to receive text messages and/or voice calls at this number. Click the one you’d prefer.

Soon after you click, you should receive a text or call with your code. Enter the code and click “Verify.”

With set-up complete, you’ll have the option to generate third-party app passwords—that is, passwords for devices and applications that do not support logging in using a one-time verification code. You’ll want to generate app passwords if you access your Yahoo Mail account on other platforms like iOS Mail, Android Mail, or Outlook.

Stay tuned for more posts on two-factor authentication during the 12 Days of 2FA.