It’s easier than you think for someone to steal your password, no matter how well you protect it.
Instead of protecting your Google account with just a password, consider adding 2 Step Verification. This adds an extra level to the login process that requires a unique key that’s supplied to you by Google, and you need to supply this key before your login is completed.
The principle is that even if (or perhaps when) your account password is compromised by someone maliciously, they won’t have access to your phone so they won’t be able to get the unique key to log into your account. It’s very similar to the SecureID key tags some banks supply for online banking, except it’s tied to your phone via either SMS or an app of your choice.
If you have a significant amount of data in your Google account that you’d be lost without, you should enable 2 Step Verification if you’ve not already done so. Here’s a step by step guide:
Enable 2 Step Verification
- Login to https://google.com/settings
- Navigate to Security as shown below
- Next to 2-Step Verification, Select “Setup”
- Follow the Start Setup procedure which will require your password.
- Check your details in the setup process
You’ll receive a text message with a verification code.
You can setup “trusted computers” which only check for Auth codes every 30 days
Once you’ve stepped through this process, you can enable 2-step verification
It really is that easy to protect your data – just 5 easy steps.
If you want to stop there and continue to use SMS delivery, you can do so – but there’s another option that you might prefer.
Switch to using the Google Authenticator App
Rather than waiting for an SMS every time you need to log in, you can switch to using the Google Authenticator app instead. This does exactly the same thing, but means you don’t have to be within mobile coverage range or wait for the SMS.
To enable app delivery, click the highlighted button “Switch to App”:
Choose your platform (Android, Blackberry or iPhone are supported):
The Authenticator app will be installed. Once it’s up and running, scan the QR Code that appears on screen, then enter the subsequent code into the provided box.
If you’re a bit careless with your phone (or you’re a tinkerer who regularly destroys / wipes everything from your phone), you can create backup codes in the Google Security Settings area that can be printed and kept in a safe place to cover you in emergencies.
2 Step Verification in practice
From this point forward, when you log into a new PC with your Google login you’ll need to provide your username, password and authentication code:
This could potentially be when logging into a PC or laptop you’ve not logged into for a while, a new browser or even a new PC (perhaps a public access PC).
Don’t think of it as an inconvenience – think of it as extra security for your data.