Friday, April 5, 2013

How to Set up 2 Step Verification in Gmail

Every day, tens of thousands of personal accounts are hacked. Personal information is compromised, passwords are cracked, and lives are put in jeopardy. If you ever use one password for multiple accounts, you are greatly increasing your vulnerability to being hacked, because one stolen password then opens every account that shares it. Thankfully, Google has launched its 2-step verification system: anytime an unknown device is used to sign into your Google account, the user has to provide a verification code in addition to the password. So it's not enough for hackers to just get your password; they'll also need physical control of your phone or computer to access your account.

Sign into your Gmail account. Click on a thumbnail of your avatar on the right side of the top menu bar, and then click "Account" to update your settings.

You will land on your Account Settings page. On the left menu bar, click "Security."

In the 2-step verification section, you'll see if you already have 2-step verification turned on. If it says "OFF," click "Edit" to set the feature up.

You'll see a page that briefly walks through the steps of setting up 2-step verification. Hover over the steps for more detail. Once you're ready, click "Start setup."

Type in your cell phone number. This will be the phone associated with your Google account. Anytime you sign into your Google account from an unknown device (e.g., a public computer), Google will send a verification code to your phone and you will need to enter that before you can sign in.

Select whether you'd like to receive a text message or Google Voice call with your verification code. Press submit. Then wait for the code to arrive on your phone and enter it.

Decide whether to trust this device. If you are turning on 2-step verification from a personal computer or trusted device, check the "trust this device" box. You will then be asked to enter a verification code on this device only once per 30 days when you sign into this account.

Press OK, and you have just set up 2-step verification for your Google account! Skip any additional steps that seem unfamiliar or confusing for now -- we will address all of them in successive sections of this article.

Print a list of backup verification codes and store it in a secure but accessible place, like your wallet. If you ever need to sign into your Google account but don't have your primary phone with you, you can enter one of these codes instead. 

Under "How to receive codes," click on the "Show backup codes" link. Print this page.

Application-Specific Passwords:

Understand the need for application-specific passwords. With 2-step verification, Google has you covered every time you sign into your account from a web browser. However, if you use your Google account with other applications, such as Microsoft Outlook or a mobile device's mail application, those systems cannot ask you for a verification code. Therefore, you will need to sign into those systems once with an application-specific password. You will only need to re-enter an application-specific password if you choose to reset it and generate a new one for that device.

Generate application-specific passwords for your devices. Go to your 2-step verification settings page or click "Edit" next to 2-step verification on the Security Account Settings page (steps 1-3 above). Scroll down and click on "Manage application-specific passwords." 



At the top of the page, you will see a list of sites, applications and devices to which you have granted some level of access to your account. If you allowed a third-party website (e.g., LinkedIn, Twitter, Foursquare) to comb your Gmail Contacts to find friends, for example, you will see that listed. If you use other Google applications, you will also see those listed. Feel free to revoke access to any site or program you no longer wish to use.



Scroll down to the field at the bottom for entering the name of a device. Enter something that will help you remember what this application-specific password is for -- e.g., Mail App on iPhone, Google App on iPhone, Chrome Sync, Outlook, Thunderbird, or whatever describes your application. Click "Generate password".



Open up the application. Go to the settings page where you enter your Google Account information. Type in your Google account name as usual. Now, instead of your account password, type the application-specific password into the password field. You have now granted this application full access to your Google account.


You will only need to enter this password once. There is no need to write it down or memorize it, and it will not be displayed by Google again.


Click "Done" on your web browser once you have successfully entered the application-specific password.



If You Lose Your Phone:

If you lose your phone and have 2-step verification turned on, you can still access your Gmail account. You also can and should follow these steps to stop strangers from gaining access to your Google accounts.

Revoke your current application-specific passwords. If you have a smartphone with apps linked to your Google account, they will automatically be signed out. When you get a new phone, you can generate new application-specific passwords (see previous section) and enter them into your new devices.



If you get a new phone and change your phone number, be sure to revoke access to your previous number on the 2-step verification settings page.