How To Set Up Google’s Advanced Sign-In Security

If you use Gmail or any of Google’s services (email, voicemail, text messages, contacts, Google Docs, or photos), you trust them a tremendous amount of data.  What would happen if your password was stolen?

Google has created an advanced opt-in security feature called 2-step verification.  This 2-step verification requires two independent factors for authentication.

2-step verification requires two independent factors for authentication, much like you might see on your banking website: your password, plus a code obtained using your phone. via Google

What You’ll Need

1. A phone that is usually available to you when you sign in.  This could be a landline or mobile phone.
2. A backup phone that you can use if you lose access to your primary phone.
3. A few minutes to walk through the entire process.

How To Set Up Google’s Advanced Sign-In Security

Step 1. Go to your Account Settings page.

Step 2. Click on “Using 2-step verification

Step 3. Walk through the setup guide.

You will have to add a new phone number that you want to use for your two-step verification.  You will confirm that this is your phone number defferently depending on what kind of phone you have.

There is a Google Authenticator app for iPhones (iTunes Link), Android phones (Android Marketplace link), and Blackberry phones (Blackberry app link).  You can also use a regular cell phone that supports text or automated voices messages from Google.

Step 4. Setup a backup phone.  Adding a backup number ensures you can receive a verification code to sign in even if you primary phone isn’t working.  You can receive the verification code on your backup phone via text message or automated voice message.

Using the two-step verification

Next time you sign into your Google account you will enter your username and password like normal.  You will also be prompted to enter your verification code.

If you like, you can always choose a “Remember verification for this computer for 30 days” option, and you won’t need to re-enter a code for another 30 days. You can also set up one-time application-specific passwords to sign in to your account from non-browser based applications that are designed to only ask for a password, and cannot prompt for the code. via Google

When you select Remember verification for this computer, you are only prompted to enter a verification code once every 30 days per browser or after deleting your browser’s cookies. Don’t check this if you’re at a public or shared access computer.

Why use the two-step verification?

The only thing protecting your Google account and all of your information is one little password.  You might have a very strong password, but if it is ever stolen, someone else instantly has access to your data. By adding this second layer of security it is much more difficult for someone else to access your account. They would need to steal your password and your phone to do so.

You can turn off the 2-step verification by going to the Using 2-step verification page under your Google Account settings. Sign in with your username, password, and verification code if prompted and click the Turn off 2-step verification.

Bottom Line

Security and data backup and two things that a lot of people take for granted. The process does add an extra step and maybe a little hassle but the added security makes it worth it.  If you use Google for your email or any other services, I encourage you to turn on the 2-step verification.

The two-step verification has been available for paid Google apps accounts for several months but is now being offered to everyone.  This is a gradual rollout from Google.  If the two-step verification is not available to you yet, it will be soon.

Tagged as: 2-step verification, Google, Security