Google 2-step verification has been around for over a year now yet I am surprised at how little promotion it receives and how few users actually know about it.
You need to have this enabled if you value your Google data — Google mail, Google+, etc
Once enabled you add a second step to the sign in of your Google account. The first is the usual username (email address) and password; the second is a six digit number.
The number is not fixed like a pin, but is continually changing. Enter the number and you have access to your account.
So how does this protect me? The number changes every 10 seconds so has a very short shelf life. If someone is able to guess, or hack, your password they have another barrier to pass, however that barrier is ever-changing. Each time you login to your Google account you require a different number.
To receive the number you will need access to a device, such as your mobile phone. Google have the Authenticator App for Android, Blackberry or the iPhone. Fire up the App and a number is generated; use this during login.
If you do not have a smart phone Google will send you an SMS text message with your number. You can also generate a set of 10 numbers to be used in an emergency to access your account — for example, if you misplace your phone. Store these numbers in a safe place!!
Some applications may not support the two step process, such as the native email app on most mobile phones or your PC. Again Google have a solution for this. You generate a one time only password for each application. It’s not designed for you to remember but enter into your application and it will remember. If for any reason you feel the security of the device running the application has been compromised you would sign in to your Google Account and disable the one time password; this will disable access to your account from the application on the other device.
It sounds a little cumbersome but it is really a fabulous solution and only adds a few seconds to your login time.
Go do it now — feel safe! It’s free.