Hack 23: Set Up 2-Step Verification for Your Google Account
Platform All (Web)
The previous three hacks involved encrypting data on your local hard drive, but as you move to more of a Web-based existence, much of your sensitive data lives in the cloud. And because Google’s made such great Web-based productivity applications (in the form of webapps such as Gmail, Google Calendar, and Google Docs), a lot of your sensitive data is inside your Google account. In this hack, you increase the security of your Google account with 2-step verification.
The only thing standing between a hacker and your Google account — and more important, your sensitive information — is your password. Even if you have the strongest password you can possibly randomly generate, if people were to discover that password, they’d have access to all the information in your account.
2-step verification offers a more secure way for Google to verify that you are who you say when you log in to your Google account on a new web browser, through a new application, or on a new mobile device. With 2-step verification, your password isn’t enough by itself. As Google puts it:
“2-step verification requires two independent factors for authentication, much like you might see on your banking website: your password, plus a code you only use once.”4
Those two factors are:
1. Your password (just like always)
2. A single-use verification code that Google sends to your phone in one of three ways: