At a recent security conference in California, a Google software engineer revealed that less than 10% of Google account owners use two-factor authentication (2FA) when it comes to keeping your account secure. This number is particularly alarming considering how many threats we deal with on a daily basis, even from the most unlikely of sources.
This brings up a great question as to what exactly 2-factor authentication is, and how you can set it up for your various accounts. Thanks to Ashley, there is a wonderful explanation of what 2FA is, and how it works, while keeping your accounts protected and out of the wrong hands. However, here’s the TLDR version:
Standard 2FA asks for something that you know (username + password) and something that you have(code generated on smartphone).
Thankfully, Google has made life extremely easy for those who want to keep their accounts even more secure, as the company has a landing page to get 2FA activated on your account. In order to do so, you’ll need to head over to Google’s 2FA landing page, and then once you click the ‘Get Started’ button, you’ll be walked through a few steps.
Once you’re ready to proceed, you’ll need to enter your current Gmail or Google account password before continuing. After you have logged in, there will be a variety of options for you to set up as your “second step” in the authentication process. You can choose from the following:
- Google Prompt
- Authenticator app
- Voice or text message
- Backup codes
You’ll need to select the option that works best for you, and while someone like myself is using the Google prompt and Text Message options, others may opt for using the Authenticator application. If that’s the path you want to follow, then you’ll want to check out an app like Authy or LastPass, which works cross-platform, regardless of whether you are using an iOS or Android device.
Once you have selected the method that works best for you, then you can rest a little bit easier knowing that your account cannot easily be accessed in the event of someone getting ahold of your password. For those of you who want even more security, you can set up a “Security Key”, which essentially lets you log into your Google account using a USB thumb drive, but you’ll want to make sure that the thumb drive is secured and on your person at all times.
Finally, there is an option for using a Backup code. Google will generate a single-use code which will allow you to access your Google account even if you happen to be offline, but need to log in for whatever reason. However, once this code has been used, it’s invalid and you will have to generate another code if necessary.
While this may seem like a daunting task at first, there’s nothing to fear and the whole process should take just a couple of minutes. If you run into a snag, hit us up in the comments below, and we will be more than happy to help walk you through the process!