BLOG
Blink Wallet offers phone and email login options, with email providing enhanced security against SIM swap attacks, reliable OTP delivery, and compatibility with Two-Factor Authentication (2FA). Learn how to set up email login, switch from phone login, and boost your account security in this guide.
When you first open the app, Blink offers two login methods: phone and email. While phone is mandatory upon account creation, email is additional. Let’s dive into the benefits of adding email to your login methods, and it might just become your preferred way to log in. If you don’t have an email account or need an overview of good alternatives, we have one at the end of this article.
Email login protects you from SIM swap attacks. In a SIM swap attack, an attacker persuades your mobile carrier with social engineering to transfer your phone number to a new SIM card. With control of your number, the attacker can receive SMS messages meant for you, including those used for account verification.
Email accounts are not vulnerable to this type of attack, which makes email a much more secure choice. It is therefore strongly encouraged that users add email to their account and remove phone number from their login methods.
Important: Adding email to your account is not sufficient to protect you from being SIM swapped. Phone number must be removed from login methods after email is added!
OTP delivery by SMS for login is unreliable due to several limitations: Network outages and delays can cause OTPs to arrive too late, rendering them useless. Additionally, reliance on mobile signal means that users in areas with poor reception might not receive their OTPs promptly. Email, on the other hand, is not dependent on mobile network reception and can work reliably in areas with poor signal. Additionally, emails are typically accessible across multiple devices and jurisdictions, offering more flexibility to users.
Enhancing account security by combining email with Two-Factor Authentication (2FA) is highly recommended. Implementing 2FA with TOTP (Time-based One-Time Password) apps like Google Authenticator or Authy adds an extra layer of security beyond just email login. TOTP codes are generated locally on the user's device and are time-sensitive, making them resistant to interception and phishing attacks. By requiring both an email login and a TOTP code, users can significantly reduce the risk of unauthorized access to their accounts. This dual approach ensures that even if one method is compromised, the additional layer of authentication provides robust protection for sensitive information and accounts.
If you prefer to use email for login and need to create a new email address, here’s how you can do it:
Step 1: Visit ProtonMail’s website.
Step 2: Click on “Sign Up.”
Step 3: Select a plan and follow the instructions to set up your account.
Step 4: ProtonMail offers encrypted email services for added privacy.
Step 1: Go to Tutanota’s sign-up page.
Step 2: Click on “Sign Up” and choose a plan.
Step 3: Follow the steps to create your email address and password.
Step 4: Tutanota provides end-to-end encryption for secure email communication.
Step 1: Go to Gmail’s sign-up page.
Step 2: Click on “Create account.”
Step 3: Enter your details and create a password.
Step 4: Verify your phone number if prompted (this step is optional but helps with account security).
To switch from phone number login to email, please follow these steps:
These options are available to all users, and you can choose the method that best fits your needs. If you have any questions or need assistance, our support team is here to help.
