For the first few days of the 12 Days of 2FA, we’ll focus on two-factor authentication for email. When you forget or lose your password, services will often email you to confirm your identity and reset it. This makes email the golden key to all of your other online accounts. If your email password is compromised with no second layer of authentication to back it up, an attacker can easily access your other accounts in a domino effect.
You can enable 2FA for your Gmail account on Google’s single settings page, so your new, more secure settings will apply across other Google services like Google Drive and Google+. Google calls it “two-step verification,” but the idea is exactly the same: if signing in requires something you have (like your phone) as well as something you know (your password), then your account has an added layer of protection.
-
Click on your profile picture in the upper-right hand corner and click “My Account.” From your account page, choose “Sign-in & security.”
-
Select “2-Step Verification” under “Password & sign-in method.”
-
At this point, before you make log-in changes to your account, Google may ask you to enter your password and sign in again.
-
Now you can set up 2FA. Click “Get started.”
-
Enter your mobile phone number. You’ll need to be able to receive text messages and/or voice calls at this number. Choose which you’d prefer and click “Try it.”
-
Soon after you click, you should receive a text or call with your code. Enter just the numbers, without the “G-” prefix, and click “Next.”
-
Click “Turn on.”
Now you’ll be back at Google’s 2-Step Verification settings page, where you can set up an “alternative” second factor in case you cannot receive texts/calls. Keep in mind that the general default option of receiving codes via SMS is vulnerable to interception by your telecom and others and is less secure than other available methods. Google’s Authenticator app is one popular choice: it generates free, one-time passwords and is supported by a range of services, including Facebook, Dropbox, and Microsoft.
Additionally, you’ll want to create app passwords if you access your Gmail on third-party devices or applications like an iPad or iPhone, Thunderbird, or Outlook. App passwords are for devices and applications that do not support logging in using a one-time verification code. Most of the time, you’ll only have to verify and enter an app password once for each app or device.
Stay tuned for more posts on two-factor authentication during the 12 Days of 2FA.