Navegó a una página que no está disponible en español en este momento. Seleccione el enlace si desea ver otro contenido en español.

Página principal

Two-factor authentication helps protect the one and only you

Look beyond the password for added security

Is a password the only thing standing between you and a cyber criminal? If you don't add an additional method of account security, your information could be at risk. Scammers often use malware, phony emails and text messages, and other methods to crack a password. With more than 2 billion consumer records exposed in 2018 data breaches, what can you do to help secure your data? You can start by using two-factor authentication, an increasingly popular login method among companies worldwide, including Yahoo, Google, Facebook, and many financial institutions.

What is two-factor authentication?

Two-factor authentication (also known as “2FA” or “multi-factor authentication”) is a method of identity verification using two different components, such as a password and a security token or one-time verification code sent to your mobile device. This method combines something you have (a token or code) with something you know (a password). Two-factor authentication is more effective in securing account access than a password alone, making it more difficult for criminals to access your accounts.

Did you know you can add an additional layer of security each time you sign on to Wells Fargo Online® or the Wells Fargo Mobile® app with 2-Step Verification at Sign-On? With this two-factor authentication option, you will receive a one-time verification code on your device, such as a mobile phone, each time you sign on to online or mobile banking. Wells Fargo customers can sign on now to activate 2-Step Verification at Sign-On for added account protection.

Beware of imposter scams

Scammers are on the hunt for security tokens and verification codes to enable unauthorized account access. One common scam involves a criminal acquiring verification code using the most unlikely-and unsuspecting-accomplice-you. In this scenario, the scammer – who has already stolen your username and password via a data breach or other means - resorts to social engineering to convince you to divulge your verification code.

How the scam works:

  • The scammer calls or text you, impersonating your bank, email provider, or other company - claiming that suspicious activity has been detected on your account.
  • Then the “company” (in reality, the scammer) alerts you that it will text you a code that you should text back or repeat over the phone to verify your identity.
  • Next, the scammer will log in to the legitimate site with your login information, which prompts the code to be sent to your mobile device.
  • If you fall for this scam, you would then provide the code to the scammer, enabling him to access your accounts. But hopefully, you will think twice about sharing account access information with anyone who contacts you first.

Know that Wells Fargo will only send you a code when prompted by an action that you initiated, such as signing on to online banking or sending money. Also, when you call Wells Fargo customer service, a banker may send you a code to verify your identity. Never share your verification code with anyone. 

If you are uncomfortable with a request received via phone call or text that you didn’t initiate, don’t respond and hang up immediately. Then, contact the company using legitimate sources such as a phone number on the company’s website. If the caller claims to be from Wells Fargo, call 1-866-867-5568 to verify the authenticity of the request.

See how to spot other common scams and learn more about Wells Fargo's security tools and options.