Google is going to start enrolling all of its users in two-step verification, if they haven’t set it up already. Will it come as a shock to some? Sure. But that’s fine; the surprise will fade away, leaving accounts that are much more secure than they were previously, especially for those people who use easy-to-guess passwords or, worse, reuse the same passwords for all of their services.
But why wait? There’s no reason you can’t start using Google’s two-step verification today. You’re going to have to anyway, so might as well set it up on your own terms rather than being surprised with it in the near future.
Before we begin, though, I urge you to run through Google’s quick Security Checkup feature, which can help you identify problems associated with your account. That includes everything from crappy passwords, to the two-step verification I’m talking about, to even instances where you haven’t used your Google account on various devices across a long period of time (so why let the device continue to access it?).
In a perfect world, you’re going to want your Security Checkup to look like this:
And if you haven’t enabled two-step verification already, you’ll get a big warning as part of the checkup. To get started setting that up, all you have to do is visit the two-step verification section of your Account Settings. Google will walk you through the process of setting up your account with your phone number (if you haven’t already), which will give you the default “Google texts or calls you with a code” experience for logging into your account.
I recommend clicking on Show more options, which will let you set up a Google Prompt. This will require you to have physical access to your device in order to confirm a login, which is a bit safer than getting a code sent to you over text. If you’re really baller, you can use a physical security key to log into your Google account, but even I don’t do that. (And I should, I’m just being lazy.)
If you’re on Android, this prompt will appear on your device automatically. On iOS, however, you’ll need to install the Google app, Gmail, or Google’s Smart Lock app before you see the notifications.
Once you’re all set up, you can revisit Googles’ “2-Step Verification” page to change your login mechanism, either swapping what you have or adding new measures as a secondary way to log into your account. How deep you want to go is up to you; the more ways you make it easier for you to log in, the easier it could be for someone else to uncover your technique and use it themselves.
I probably have too many techniques at the ready, but they mostly rely on having physical access to my device. I only use voice/text messages as an authentication mechanism for convenience, as I’m often logging into multiple devices I’m reviewing or using for an article. (Sometimes, the prompt method screws up for whatever reason.) In a perfect world, though, I’d just use said prompt or my authenticator app. That’s all you really need.
Leave a Reply
You must be logged in to post a comment.