+ Monday September 16th, 2019

2-step-verification-header

It’s easier than you think for someone to steal your password, no matter how well you protect it.

Instead of protecting your Google account with just a password, consider adding 2 Step Verification. This adds an extra level to the login process that requires a unique key that’s supplied to you by Google, and you need to supply this key before your login is completed.

The principle is that even if (or perhaps when) your account password is compromised by someone maliciously, they won’t have access to your phone so they won’t be able to get the unique key to log into your account. It’s very similar to the SecureID key tags some banks supply for online banking, except it’s tied to your phone via either SMS or an app of your choice.

If you have a significant amount of data in your Google account that you’d be lost without, you should enable 2 Step Verification if you’ve not already done so. Here’s a step by step guide:

Enable 2 Step Verification

  1. Login to https://google.com/settings
  2. Navigate to Security as shown below
    security_tag
  3. Next to 2-Step Verification, Select “Setup”
    setup
  4. Follow the Start Setup procedure which will require your password.
    start_setup
    enter_pwd
  5. Check your details in the setup process
    setup_phone
    You’ll receive a text message with a verification code.
    verification_code
    You can setup “trusted computers” which only check for Auth codes every 30 days
    trusted_pc
    Once you’ve stepped through this process, you can enable 2-step verification
    confirm-2step

It really is that easy to protect your data – just 5 easy steps.

If you want to stop there and continue to use SMS delivery, you can do so – but there’s another option that you might prefer.


Switch to using the Google Authenticator App

Rather than waiting for an SMS every time you need to log in, you can switch to using the Google Authenticator app instead. This does exactly the same thing, but means you don’t have to be within mobile coverage range or wait for the SMS.

To enable app delivery, click the highlighted button “Switch to App”:
app_auth

Choose your platform (Android, Blackberry or iPhone are supported):
platform_select

The Authenticator app will be installed. Once it’s up and running, scan the QR Code that appears on screen, then enter the subsequent code into the provided box.
setup_qr

You’re done!
auth_setup_success

If you’re a bit careless with your phone (or you’re a tinkerer who regularly destroys / wipes everything from your phone), you can create backup codes in the Google Security Settings area that can be printed and kept in a safe place to cover you in emergencies.


2 Step Verification in practice

From this point forward, when you log into a new PC with your Google login you’ll need to provide your username, password and authentication code:

Email Entry
Email Entry
Code Entry
Code Entry

This could potentially be when logging into a PC or laptop you’ve not logged into for a while, a new browser or even a new PC (perhaps a public access PC).

Don’t think of it as an inconvenience – think of it as extra security for your data.

Phil Tann   Associate

Phil Tann

Phil is an Android enthusiast who spends most of his time reading up on U.S. Android news so he can get the low down on what could possibly hit Australian shores. Coming from a background in IT & T sales, he’s in the perfect position to give an educated view on hardware and software.

10 comments

  1. Avatar

    Is it possible to back out of two factor authentication if you… well if you decide it’s not for you?

  2. Avatar

    Google should have this option on by default.

  3. Avatar

    Thanks for the push, I’ve been meaning to do this.
    and secure..ish

  4. Avatar

    I recommand using the Authy app (https://play.google.com/store/apps/details?id=com.authy.authy) instead of the Authenticator, you can use it in multiple devices.

  5. Avatar

    You can use the google authenticator app for many sites that support 2 factor auth. I also have Lastpass, Microsoft, Facebook and GitHub in it

  6. Avatar

    How do you get back in if your phone is stolen or something like that?

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

[Update: Probably a 5G XL] Does Google have a third Pixel 4 device coming in October?

It’s Pixel leak season, so we lead this story with an apology for being the …