Google 2-Step Verification: A Good Idea

Posted on 02. Jun, 2011 by in Chrome, Chrome OS, Tips, Tutorials

Warning: file_get_contents() [function.file-get-contents]: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/thechro2/public_html/wp-content/plugins/digg-digg/include/dd-class.php on line 1202

Warning: file_get_contents( [function.file-get-contents]: failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/thechro2/public_html/wp-content/plugins/digg-digg/include/dd-class.php on line 1202

flattr this!

Since I rely on my Google Account for so much, I decided to give Google’s two-step verification process a try. I didn’t want one day to come to the unpleasant realization that my Google account had been hacked. Just recently Google disclosed a phishing attack originating from Chinese hackers. As mentioned in the Official Google Blog, 2-step verification is a highly recommended way to protect your account.


Basically, the way it works is this: two-step verification generates a unique 6 digit code. You then sign in with your regular Google account password then you will be asked to verify. You enter the number you previously generated and bingo! You are in your Google account. It just takes an extra few seconds and a hearty second level of security is added.

Google 2-step verification uses your mobile phone – something you likely have with you all the time – as a tool to give you an extra level of security to your account. Any mobile phone which has the Google Authenticator app can be used. Any phone you have access to really can grant you a second level of security for your Google account, but a phone of the mobile variety is obviously more convenient.

hacker1 208x300

If for some reason, you don’t have access to your mobile phone, you can use a backup phone number to generate the numeric code, or a code from a sheet of 10 codes you’ve printed out previously. What the application does is generate a one-time verification code. Then, you sign in with your regular password and are prompted to enter that one time only code. It’s pretty simple. This code will apply to all your Gmail services until you sign out of your Google account.

Set up time for this feature is 10 to 15 minutes. Here is the run down on the steps to login to your Google account once this feature has been implemented:

Any computer:
(1) Enter your regular password. You will be prompted for your verification code.
(2) Generate new verification code.
(3) Enter verification code.

How it works with your Google Account in your smartphone:
(1) You will need to generate an application specific password. Note that this application only password is different from a numeric verification code.
(2) Enter the application specific password. You will need to do this only one time. You will not be asked for an application only password or a numeric verification code on your mobile phone ever.
(3) Revoke the password should you lose your device via your Google account settings.

For those of you curious on how it will work on your Cr-48 or the upcoming Chromebooks:
(1) Logging into Chromebook is normal. Just use your Google password.
(2) Once you’ve logged into your Chromebook, you will need to generate a one-time only application specific password when trying to login to a Google service.
(3) From then on, you will be asked to enter your numeric code when you sign into your Google account via Gmail or other Google application.

My experience with this feature has been pretty good. No real complications. The trickiest part was that there are some applications that require that one-time application specific password.

One thing that confused me a bit in the process was realizing that I had to generate an application specific password for Chrome Sync. Note: you’ll be prompted anytime you’ll need such a password and you only need to do it once. Under your two-step verification settings, you’ll have the option to revoke it.

Google’s two-step verification isn’t for everybody. It may be a tad too much trouble for some to enter to generate that verification code and enter those digits every time you log in. However, I find Google two-step authentication very much worth the trouble. For me, investing a few more seconds in securing my Google account is a good investment of my time.

For Google’s full instructions on how to activate 2-step verification, click here.

Are you using 2-step verification?

  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite
  • services sprite

Related posts:

  1. Google Account Two Step Verification: Is it Worth Your Time?
  2. How to Enable Automatic Google Services Login Through Chrome 15
  3. Understanding Single Sign-On in Google

Tags: , , , , ,

3 Responses to “Google 2-Step Verification: A Good Idea”

  1. Nate Tucker

    02. Jun, 2011

    i wish you could set this up but then only activate it after you got hijacked.

    it would be wonderful to rescue your account by proving that you’re you. but if that never happens, logging in with the code every single month (and every time you use a friend’s computer) is a huge hassle.

    google’s trying to make it so we use the cloud and not individual computers. but this 2-step process is only convenient (or semi convenient) if you use the same machine all the time.

  2. [...] Read original article… Share this:EmailPrintFacebookStumbleUpon 0 Comments – Leave a comment! « Previous PostNext Post » [...]

  3. chowlee

    09. Feb, 2013

    this is so shitty. why the hell do want so much info while proclaiming to make it soooo easy

Leave a Reply