Protect your Google account with two-factor authentication
Two-factor authentication – otherwise known as two-step authentication or the slightly less unwieldy “2FA” – is a pretty important security tool these days, but it sure is irritating.
Most people have a single layer of security on their accounts – their password. With two-factor authentication, if someone knows your password or a hacker gets hold of it, they’ll still need your phone or a security key to access your account.
Yes, it makes it that bit harder for you to be hacked, as it means the hacker needs access to at least two of your devices or passwords, but it’s fiddly enough that most people just can’t be bothered until it’s too late. Not only is two-factor authentication a terrible name, the whole process requires you to sign in on a computer, get a text message or email with a code that you have to manually type out, and only then can you log in.
Google has had a stab at making things simpler, and it’s actually really good. Because pretty much everyone has a smartphone and the vast majority of them are using iOS or Android, Google reckons that linking your account to your handset is safe enough.
Now, if you try to log in to Gmail on a new PC, your phone will receive a “prompt” asking for permission. Just say that it is, and you’re good to go. No unwieldy entry of numbers or text: just a single tap.
Google only lets you do this if you have a lockscreen on your phone, and it requires either Android or an iPhone 5s or later. You also have to opt in to the system to get it working. Here’s how.
Two-factor authentication on Google
Head to the Security section of your Google account.
Click on “2-Step Verification”.
A new option called “Google Prompt” should be there. Select it.
Select your phone from the dropdown box (most people will only have one, but just to be safe).
Google will send a test prompt to confirm. Select “yes” on your phone when it comes through and you’re good to go!
The codes issued by Google each time are unique to you and your account. If you choose to use verification codes, they will be sent to your phone via text, voice call, or via Google’s mobile app. Each code can only be used once.
If you don’t have signal, Google’s Authenticator app for Android, iPhone, or BlackBerry will generate verification codes in place of a text message or phone call. You can additionally print or download one-time-use backup codes in case you don’t have your phone to hand, and you can store backup numbers on the account.
Of course, this won’t solve ALL your 2FA problems in one go. Any sites that aren’t Google will still require you to do things the old-fashioned way, but given that people use an awful lot of Google services, it’s a good one to start with.
Image: Japanexpertana used under Creative Commons