Beef up your Google account using Google's two-step verification

By Chip Oglesby

Amidst all the talk of recent hacks, I decided that it would be time to use Google’s new two-step verification process for my account.

Using Google’s new two-step process will make it harder for someone to access your account if they try to guess or steal your password. This extra layer of security prevents someone from completely hijacking your account.

This service is available to both individual and Google Apps accounts.

The verification process works with the following systems:

  • Blackberry

  • iPhone

  • Android

  • iPad

  • iPod touch

  • Text messages

  • Phone calls

The method that we’ll focus on is setting it up using an Android phone and an iPhone. In the Android Market and iTunes Market, download the program called Google Authenticator. You’ll need that for step two of the process.

Once the program is installed, if you plan on using both phones like I do, you’ll need to go through the process with them together at the same time. If you don’t, you’ll have to start the process all over again, like I did.

Head over to the two-step verification page and get your phones ready to scan the barcode.

To link your phone to your account:

Using the QR code: Select Scan account barcode. If the Authenticator app cannot locate a barcode scanner app on your phone, you might be prompted to download and install one. If you want to install a barcode scanner app so you can complete the setup process, press Install, then go through the installation process. Once the app is installed, reopen Google Authenticator and point your camera at the QR code on your computer screen.

Using secret key: Select Manually add account, then enter the email address of your Google Account in the box next to Enter account name. Next, enter the secret key on your computer screen into the box under Enter key. Make sure you’ve chosen to make the key Time based and press “Save.”

In my experience the Google Authenticator app did not work for the iPhone so I was forced to enter the secret key in manually.
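
What the secret key and the "Time based" setting do, as an added example (not code from the original post or from Google): codes of this kind follow the TOTP standard (RFC 6238), in which the app and the server each compute the code from the shared secret key and the current time step. The sample key is constructed from the RFC's test secret, and the 30-second step, 6 digits and one-step drift allowance are assumed defaults.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds per code; the RFC 6238 default (assumed here)
DIGITS = 6   # code length; the RFC 6238 default (assumed here)


def hotp(key: bytes, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, then dynamic truncation."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def decode_secret(secret_b32: str) -> bytes:
    """Accept the key as typed by hand: spaces, lower case, missing padding."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def totp(secret_b32: str, now: float) -> str:
    """Code an authenticator app would show at Unix time `now`."""
    return hotp(decode_secret(secret_b32), int(now) // STEP)


def verify(secret_b32: str, code: str, now: float, drift: int = 1) -> bool:
    """Server side: accept the current step and `drift` steps either way."""
    key = decode_secret(secret_b32)
    step = int(now) // STEP
    return any(
        hmac.compare_digest(hotp(key, step + d), code)
        for d in range(-drift, drift + 1)
    )


# Constructed sample key: base32 of the RFC 6238 test secret "12345678901234567890".
SAMPLE_SECRET = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"

if __name__ == "__main__":
    t = time.time()
    print("current code:", totp(SAMPLE_SECRET, t))
    print("accepted:", verify(SAMPLE_SECRET, totp(SAMPLE_SECRET, t), t))
```

Because the code depends only on the key and the clock, a phone whose clock is far off produces codes the server rejects, and anyone who copies the secret key can generate the same codes.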

Once two-step verification is turned on, your phones will stop working. This is normal. You’ll need to go in and create an application-specific password for each of your phones.

Application-specific passwords

These are passwords that you’ll have to enter for every program that you use that does not reside on Google’s servers. For example, it could include the following:

  • Google Voice App for the iPhone

  • Gmail for the iPhone

  • Google account access for Android

  • POP and IMAP email clients such as Outlook, Mail and Thunderbird

  • Gmail and Google Calendar on smartphones

  • ActiveSync for Windows Mobile and iPhone

  • YouTube Mobile on Apple devices

  • Cloud Print

  • Installed chat clients such as Google Talk and Adium

  • Picasa, 3D Warehouse, Sketchup, and installed applications

  • AdWords Editor

  • Sync for Google Chrome

The good thing about the ASPs is that you’ll only have to enter them once, making the program more secure.

Logging into your account

Once everything is set up, you’ll probably want to log into your account for the first time.

When you pull up the Gmail screen, you’ll be prompted to enter your username and password. The sign-in button has been changed to Verify, and you’ll need to enter a time-based password from the Google Authenticator program. This password changes at random intervals to ensure a safe login method.

You’ll have to do this with each browser and each computer that you use, which can become a pain, but it can remember your account for up to thirty days.

One downside to this approach is that it’s harder to log in from someone else’s computer if you don’t have your phone with you. Fortunately, Google will give you a printout of 10 codes that always work. They recommend you store them in your wallet; I recommend you memorize some of them and destroy the card! You can never be too careful.

If you don’t have your phone or your wallet, the third option is a phone call from Google to a trusted phone number you have. If you don’t have any of these options available, you might want to give up on checking your email for the time being.

Things to consider

  • This process is much easier if you have a smartphone

  • This process does depend on your smartphone so don’t lose it

  • If you lose your phone, there are other options for recovering your password

  • Logging into your account without access to your phone is difficult, so take that into consideration.