You might have heard that Google offers the users something called ‘2-step verification‘ (here 2SV for short) – a procedure recently discussed in one of my favorite podcasts, EdReach Google Educast. However, I feel the brief discussion in GE#62 didn’t quite hit the mark and some viewers/listeners might wonder if 2SV is any good at all (it sure is) or if it makes any sense using it (that depends). So, let’s dig a bit deeper.
What is 2SV and how does it work?
Google 2-step verification is a way to add (lots) of extra security to your Google account. The approach is well known and proven since way back when and it works by verifying the user’s identity in two separate ways: something the user knows (the password) and, additionally, something he or she has (in this case, a unique code).
Who needs it?
Let’s imagine this scenario: you try to log in to your Google account but it just doesn’t work – either someone has hacked your account or Google has quite simply locked you out, for whatever reason (yes, it will happen). How do you react?
A: You try to log in again a couple of times, still no luck. You say to yourself: ‘Shoot, tough luck. Guess I’ll have to create another Google account – no big deal.’ Your next move is to grab a cup of coffee, get some real work done and then, later, fix a new account.
Okay, fine – you don’t need 2SV and there’s really no need for you to read any further.
B: You try to log in again, and again, still no luck. Silent swearing – what can be wrong? One more try but it just doesn’t work. You’re getting worried and decide you need help from Google in order to access your account. Slowly, you realize that it will most probably take quite a while – days, perhaps weeks or even longer – until you will (hopefully) get access to your account that has been the key to your digital life for several years. You’re sweating slightly, your pulse rate is way above normal and you know you will get very little work done today, or tomorrow. And what about all those thousands of private photos in Picasa, kids growing up and everything? Lots of great memories!
This is you? Yup, you really should consider two-step verification.
Do I need to be a rocket engineer to get started?
No you don’t – even I pulled it off. You do need to follow the instructions carefully though, and it doesn’t hurt to have someone who has done this before to hold your hand if you get stuck. Of course, there are tons of additional walkthroughs available, like this good one from ZDnet.
What about those weird ‘application specific passwords’?
Well, unfortunately not all Google services work with 2SV right out of the box and this is the reason you’ll need to use some ‘application specific passwords’. However, these are generated by Google and all you need to do is to punch them in once, then you’re all set. Read the instructions!
Is 2SV complicated to use?
There is no single correct answer to this question but my opinion is that it is not complicated at all. There are several ways of getting the extra security code needed to log in; one of them is by sms (I hardly ever use that), another by using the smart phone Authenticator app (my favorite, no cell coverage needed) and then you should definitely also print a bunch of one-shot codes to have in your wallet.
Really important stuff
It is really, really important to understand that if you don’t have your phone, the only way to get access to your account is to provide the correct password and use one of the codes you printed earlier. Be sure to print those codes and put them in your wallet! After you’ve used one of the codes, cross it out – the same code can’t be used again. Of course, you can always print a new batch of codes when you need to.
Do I really need an extra code every time I log in?
No you do not. You can authenticate the browser in any device you use to log in without using the extra 2SV code – but for 30 days only. After the 30 day period you will have to use the 2SV again.
So you think all this is easy and convenient?
Well, perhaps not but hey, at least there’s a choice. A fact is that 2SV can make your day, probably without you ever finding out. Last but not least: in case you’d find errors in my text, please let me know – that would make my day!