Security has become issue number
one for many companies, people, services, and devices. With more people hopping over to the cloud, having tight security could mean the
difference between your data being secure and your data being stolen. This has
become especially true with the massive use of mobile devices to connect to
those accounts.

Your Google account is no
exemption. If you have a simple password, that account will most likely get
hacked. If you have a complex password, the possibility decreases. With 2-step
verification, the likelihood of your account getting hacked is even further
reduced (drastically even).

What is 2-step verification and how
do you get it? Simple — after you set up 2-step verification, you enter
your Google account password, and then you’re prompted for a passcode that’s
sent to your mobile device (via text, voice call, or the mobile app).

“Mobile app,” you say? Why yes.
Google has created an Android app, Google Authenticator, that makes 2-step
authentication simple. Google Authenticator works like this:

  1. Set up 2-step verification for your account (on your PC)
  2. Install the Google Authenticator app (on your Android phone)
  3. Log into your Google account the standard way (again, on your PC)
  4. When prompted, the 2-step code will be sent via the
    method you set up
  5. Enter the code to authenticate your login
  6. Enjoy your Google account with its new level of
    security

Setting up your account for 2-step

Before you can make use of the Google Authenticator app, let the 2-step verification wizard help you through the simple set up on your PC. The first step of the wizard requires you to log into your Google account. This is a standard login
(your email address and password associated with that account). The second step (Figure A) prompts you to enter a
mobile phone number so that Google can send an electronic message with the verification
code. This code will be used to authenticate against untrusted computers.

Figure A

 

 

Setting up 2-step authentication
for your Google Account.

You’ll immediately receive either
a text or voice message (whichever you chose to use) with a verification code.
Enter that code and click Verify (in the 2-step wizard). The next step will ask
if you want to trust the computer you’re on. If so, keep Trust this computer
checked and click Next. If not, uncheck the Trust this computer box and click
Next.

The final step of the wizard is to
confirm the enabling of 2-step verification. All you have to do is click
Confirm, and you’re done. 2-step verification is now activated for your Google
account.

After 2-step is established, you have to
reconnect all of your apps. You’ll be prompted (once you’ve completed the
last step of the 2-step setup) to click the Reconnect my apps button. After
clicking this button, you’ll be asked to log back into your account and retrieve the backup codes. You can refer to your phone for the backup codes, or you can retrieve them by following these steps:

  1. Click on the Go to my settings button
  2. Scroll down to Backup options
  3. Follow the instructions for Backup codes

Either print those codes or save
them as a text file. That’s how you’ll gain access to your account,
should you ever not have your phone handy.

Google Authenticator

As I mentioned before, there are
three ways to get your verification codes:

  • SMS
  • Voice message
  • Google Authenticator

The nice thing about the Google Authenticator
app is that it can generate a code for you, even if you’re in Airplane mode. To
install this app, do the following:

  1. On your Android device, open the Google Play Store
  2. Search for Google Authenticator
  3. Locate and tap the entry for the official Google app
  4. Tap Install
  5. Tap Accept
  6. Allow the installation to complete

Once the app is installed, you can
launch it from within your app drawer. From the welcome screen (Figure B), tap the Begin Setup button.

Figure B

 

 

Google Authenticator running on a
Verizon-branded Samsung Galaxy S4.

First, you’ll be prompted to enter
your Google account password. Do that, and tap Done. Next, you’ll be required to OK
the EULA. If you get a failure (and you most likely will), you’ll be prompted
to sign in via the web browser. Tap the Next button, and sign into your
Google account when prompted. You’ll then receive the verification code on
your mobile device. Enter that code, and the verification will succeed.

The next step is to set up Google
Authenticator. To do this, open up a web browser on your desktop and go to https://g.co/authenticator.
You’ll be prompted to log into your Google account. Upon successful login, a
pop-up window will appear with a QR code. On your device, tap the account (from within
Google Authenticator) that you want to set up. In the resulting window, tap Scan
barcode. You may be prompted to install the ZXing barcode scanner (if so, tap
Install). Hold the device up to the screen so ZXing can scan the code. Upon
successful scanning, you’ll see the Google Authenticator app display a
verification code. The code will only last a short time. You must enter that
code into the required text area (within the web browser). When that step is
complete, the Google Authenticator will be officially set up.

Now, when you want to log into your
2-step enabled Google account, you can get your verification code for that
account from the Google Authenticator app (no more need to get the code sent
via SMS or voice message). Again, this app will work even if you’re in Airplane mode.

If you decide 2-step verification
is too cumbersome, you can always modify the settings to turn it off.

However, to
keep your Google account as secure as possible, consider using 2-step
authentication and the Google Authenticator app. Your data will thank you for
it.

What do you think? Is 2-step
authentication the best way to keep your data from being hijacked? If
not, let us know a better solution in the discussion thread below.