Sign On
Is a password the only thing standing between you and a cyber criminal? Many of us re-use passwords across multiple sites, which can lead to fraud and identity theft if that password is exposed through a data breach, phishing attempt, or malware attack.
To help secure your accounts, first, create a unique username and a long, strong password that contains a combination of letters, numbers and symbols for each of your accounts. Next, turn on two-factor authentication, which is commonly used by financial institutions, email service providers, and other companies large and small to help prevent unauthorized account access.
What is two-factor authentication?
Two-factor authentication, also known as "2FA", or sometimes referred to as "2-factor authentication" or "multi-factor authentication", is a way to verify a person’s identity using two different factors. For example, using both your password and an access code sent to your mobile device to sign in to an app is more secure than using only your password.
Wells Fargo may require two-factor authentication to confirm your identity when completing certain transactions or changes online.
Customers can add an additional layer of security to their accounts by activating Wells Fargo's 2FA feature, 2-Step Verification at Sign-On. Once activated, you will be prompted to enter an access code as part of the sign on process. You can get the code by:
- Requesting that Wells Fargo send it by push notification, text, email or a phone call.
- Using an RSA SecurID® device purchased through Wells Fargo.
Tip
When planning to travel abroad, consider using an RSA SecurID® device to generate the access code since some forms of digital communication may not be available on your trip.
Beware of imposter scams
Even when using two-factor authentication (2FA), it's still important to protect your accounts. Criminals know that access codes may be needed to commit their crimes and have devised ways to obtain them. A common scam involves a criminal acquiring an access code using the most unlikely and unsuspecting accomplice — you. In this scenario, the scammer — who has already stolen your username and password — manipulates you to get you to divulge the last piece of information they need, your access code. Don't share your access codes with anyone. Know that Wells Fargo will never ask for your login, password, one-time access codes, or authentication information.
Know that Wells Fargo will not call or text you requesting an access code. We only send you a code when prompted by an action that you initiated, such as signing in to online banking, sending money, or calling Wells Fargo customer service.
See how to more easily spot bank imposter scams.
Explore more security tools and options.
