Why 2FA Matters for Email Infrastructure
Email infrastructure accounts are particularly sensitive. An attacker who gains access can send mail as your domain, exfiltrate contact lists, revoke your own access, or abuse your sending reputation until your domain is blocklisted. A time-based one-time password (TOTP) second factor expires every 30 seconds, so stolen static credentials are not enough to get in.Enable Two-Factor Authentication
1
Sign in to your account
Go to https://my.ugmail.co and sign in with your email address and password.
2
Open Security Settings
Click your account avatar in the top-right corner, then navigate to Settings → Security.
3
Start the 2FA setup
Click Enable Two-Factor Authentication. UGMail will generate a unique QR code and setup key for your account.
4
Scan the QR code
Open your authenticator app — Google Authenticator, Authy, 1Password, or any TOTP-compatible app — and scan the QR code displayed on screen. If you cannot scan the code, tap Enter key manually in your app and type the setup key shown below the QR code.
5
Confirm with a one-time code
Enter the current 6-digit code from your authenticator app into the confirmation field and click Verify. This confirms that your app is correctly synced before 2FA is activated.
6
Save your backup codes
UGMail will display a set of single-use backup codes. Copy them and store them somewhere secure — a password manager, an encrypted note, or printed and kept offline. You will need one of these codes if you ever lose access to your authenticator app.
App Passwords
What Are App Passwords?
App passwords are separate credentials you create for a specific client or integration — an SMTP relay script, a mail client, a CI/CD pipeline, or a third-party service. Each app password is independent: it grants access only to the service or protocol you configure it for, and you can revoke it at any time without touching your main account password or any other integration.Why Use App Passwords?
When you connect an external tool to UGMail’s mail server (mail.ugmail.co) using SMTP, IMAP, or POP3, that tool needs a password. Giving it your main account password creates unnecessary risk:
- If the tool is compromised, your entire account is exposed.
- Rotating your main password to cut off the compromised tool also breaks every other integration using that password.
Create an App Password
- Go to Settings → Security → App Passwords in your account at my.ugmail.co.
- Click Create New, give the app password a descriptive label (for example,
transactional-mailer-prodorthunderbird-desktop), and click Generate. - Copy the generated password immediately — it is shown only once.
- In your mail client or integration, enter your UGMail email address as the username and the app password (not your main account password) as the password when configuring the SMTP, IMAP, or POP3 connection.

