Navegó a una página que no está disponible en español en este momento. Seleccione el enlace si desea ver otro contenido en español.

Página principal

Two-factor authentication helps protect the one and only you

Look beyond the password for added security

Is a password the only thing standing between you and an online criminal? If you choose not to employ an additional method of account security, your information could be at risk. Scammers often use malware, phony websites, and other methods to crack a password. Many people use the same password on multiple websites and 46% use passwords that are at least five years old. In addition, 64% of millennials have had their online and mobile accounts compromised. With more than three billion usernames and passwords stolen in 2016, what can you do to help secure your data? You can start by using two-factor authentication, an increasingly popular login method among organizations worldwide, including Yahoo, Google, Facebook, and many financial institutions.

What is two-factor authentication?

Two-factor authentication (also known as “2FA” or “multi-factor authentication”) is a method of identity verification using two different components, such as a password and security token or one-time code sent to your mobile device. This method combines something you have (a token or code) with something you know (a password). Two-factor authentication is more effective in securing account access than a password alone, making it more difficult for criminals to access your accounts.

Did you know you can add an additional layer of security every time you sign on to Wells Fargo Online® with 2-Step Verification at Sign-On? With this two-factor authentication option, you will receive a one-time verification code on your device, such a mobile phone, each time you sign on to online or mobile banking.

Beware of authentication scams

Scammers are on the hunt for authentication tokens and codes to enable unauthorized account access. One new scam involves criminals acquiring an authentication code using the most unlikely – and unsuspecting – accomplice: you. In this scenario, the scammer – who has already stolen your username and password – resorts to social engineering to convince you to divulge your authentication code.

How the scam works:

  • The scammer sends you a text or calls your mobile number, impersonating your financial institution, email provider, or other company, claiming suspicious activity was discovered on your account.
  • Then the “company” (in reality, the scammer) alerts you that it will be texting you an authentication code that you should text back or repeat over the phone to prevent your account from being blocked.
  • Next, the scammer will log in to the legitimate site with your login information, which prompts the access code to be sent to your mobile device.
  • If you fall for this scam, you would then provide the code to the scammer, enabling him to access your accounts. But hopefully, you will think twice about sharing account access information with anyone who contacts you first.

Know that Wells Fargo will only send you a code when prompted by an action that you are initiating, such as logging into online banking or completing an online transaction, or when you contact a Wells Fargo banker by phone and she sends you a code to verify your identity. 

To help protect your accounts, use a unique, complex password for every online account and never text your authentication code to anyone. If you receive a text from a number claiming to be Wells Fargo and you did not request an authentication code, do not respond to it. Instead, call Wells Fargo at 1-866-867-5568 to verify its authenticity.

To learn more about authentication options, visit Security Tools and Options. Follow these tips for creating a safer password.