Do you ever use the same password for multiple
websites? Do you ever sign in to Google Mail from a public or shared computer? Such actions
weaken your password and make it easier to steal. Google now offers 2-step verification,
an optional security feature that helps protect your account even if your password is stolen
or cracked. This new feature helps improve security because signing in requires 2 things
— something you know — your password — and something you have — your phone. It’s much
like what you might see on your banking website. With 2-step verification, you’ll get a short
numeric code — known as a verification code — on your phone. You’ll then enter this in
addition to your username and password when you sign in.
Let’s take a look at how you’ll sign in with 2-step verification. After you sign in
with your username and password, Google will ask you for a verification code.
If you chose to receive a text or voice message when you set up 2-step verification, Google
will then send it to you on your phone. If you’re an Android, BlackBerry, or iPhone
user, you can also choose to generate a code on your phone using the Google Authenticator
app. Enter the code from your phone.
If you trust this computer you can check this box and you won’t be asked for another verification
code for 30 days. To set up 2-step verification, sign in to
your Google Account and go to your Account Settings page. Then, click “Using 2-step verification.”
On the next screen, click “Set up 2-step verification.” Follow the directions on your screen to choose
how to receive 2-step verification codes. You can receive your verification code in
an SMS text message, in a voice call to your landline or mobile phone, or by generating
a code using the free Google Authenticator app on your Android,
BlackBerry, iPhone, iPad, or iPod Touch. But what if your phone is unavailable, lost,
or stolen? Next you’ll add two backup options for receiving verification codes.
Write down or print your backup verification codes.
You can use these in case your phone is not available or if you are traveling.
Keep them in a safe and accessible place. You’ll also need to add a backup phone that
you can use if you lose access to your primary phone. This can be a work or home phone, or
the phone of someone you trust, like a friend or family member.
2-step verification protects your Google Account whenever you sign in from a web browser. However,
devices and applications — like smartphones, the Picasa desktop application, and Microsoft
Outlook — can’t ask you for verification codes, only your username and password.
In order to help keep these applications safe, you’ll need to use a special password, called
an application-specific password, instead of your regular account password. Application-specific
passwords are generated by Google upon your request, and you do not need to remember them
since you should only need to enter them once! To illustrate, let’s set up the Mail app on
an iPhone using an application-specific password. First you need to create an application-specific
password. Go to your Account Settings page and click “Authorizing applications & sites.”
Enter the name of the application this password is for — in this case, “Gmail on my iPhone.”
Then, click generate. Enter the application-specific password on
your iPhone … And you’re done! We know application-specific passwords are
long and hard to remember — that’s why you don’t have to! You should only need to enter
these passwords once per application or device, and you can always revoke and generate a new
password if needed. Thanks for trying 2-step verification and
kudos to you for taking extra steps to protect your account!