Protect your Google account with two-factor authentication

Don't let hackers get at those love letters you sent with your Gmail account!

If you're a heavy Google user, your Google account is kind of a big deal. It's the gatekeeper to your email, and your Google+ account, important files, online photo storage...that Google account is your life. With so much at stake, you probably want to keep hackers as far away as possible. Two-factor authentication can help.

Two-factor authentication--called 2-step verification in Google's parlance--adds a second step to your Google login. Not only do you have to enter your username and password, but also a single-use security code, which usually gets sent to your phone via an app or text message. In return for the extra effort, you'll get an extra layer of protection that can help keep hackers out of your persona data.

Setting up 2-step verification

If you have an account for any of Google's services (Gmail, Google+, and so on), the setting up 2-step verification fairly straightforward. Start by visiting Google.com, and press the blue Sign In button in the upper right hand corner, and log in. Once signed in, look for your profile picture in the upper right corner and click it, then select Account from the menu that appears. (If you didn't set a photo to go with your account, you'll see a generic sillouette in its place).

Once you're at the Accounts settings page, select Security from the list along the left. Click the Edit link next to the 2-step verification heading to begin the process of setting it up. Google will give you a brief pictoral overview of what to expect: Give it a once-over, then press Start setup when you're ready to rock.

On the next screen, Google will ask you for your cellphone number. Select your country from the drop-down list (as represented by the flag icon), enter your number as instructed, then choose how you want to receive your security codes.

You can get security codes either via text message or voice call: If you're hearing impaired or aren't great at remembering strings of numbers, you'd probably be better off going with the Text message option. On the other hand, the Voice Call option might be a better choice if you have a limited--or no--text message plan.

Once you've entered your number and chosen how you want to recieve security codes, press Send code, and Google will send a test code to your phone. On the next screen, enter this test code where instructed, then press the Verify button.

You're almost done! Google will ask you if you want to trust the computer you're logged in on: If you "trust" a computer, you don't need to use a security code on it. This might be useful if you lose your phone and need to get into your Google account, or you're sick of entering security codes on your locked-down, highly secure office computer. Make your choice and press Next; you can go back and change this setting later if you change your mind.

Finally, Google will have you confirm one last time that you want to use 2-step verification. Press Confirm, and you're all set to go.

There's always a catch...

There is a catch: If you use any of Google's services through Apple's Mail, Calendar, or Contacts apps on iOS or OS X--or through the Mail app on BlackBerry or Windows Phone--you will need to "reconnect" your apps and devices to your Google account. This will let you generate special app-specific passwords so you can still log into your Google accounts through other apps.

How you reconnect your apps varies some depending on the apps you use, so we won't get into too much detail here, but when prompted, press Reconnect my apps, and Google will step you through the process.

Tags: Google, online safety, Web & social, security, Google+

Review: File Recovery Tools

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Email Security and Data Protection

Encrypt your sensitive email

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.