Google's two-factor sign-in: Use it

Google's two-factor sign-in: Use it

Summary: The search giant had two step verification in Google Apps, but is now rolling it out to the masses. In a nutshell, the extra verification step means your Google account is harder to hack.

SHARE:

Google's move to add an advanced sign-in to its consumer accounts is welcome and should be adopted by you pronto.

The search giant had two step verification in Google Apps, but is now rolling it out to the masses. In a nutshell, the extra verification step means your Google account is harder to hack.

There's nothing revolutionary about Google's advanced sign-in---most of your online financial accounts already do something similar---but it's recommended that you follow the procedure to prevent your account from becoming a spam sending engine. Anyone that has had a poor password swiped knows you can easily send a few million spam message if you're not diligent.

Also: Google intros advanced sign-in feature

Google explains:

Take your time to carefully set up 2-step verification—we expect it may take up to 15 minutes to enroll. A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone. Once you enable 2-step verification, you'll see an extra page that prompts you for a code when you sign in to your account. After entering your password, Google will call you with the code, send you an SMS message or give you the choice to generate the code for yourself using a mobile application on your Android, BlackBerry or iPhone device. The choice is up to you. When you enter this code after correctly submitting your password we'll have a pretty good idea that the person signing in is actually you.

That verification code will be good for 30 days.

Here's the sequence you'll see shortly:

Topics: Storage, Data Management, Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

19 comments
Log in or register to join the discussion
  • Thought I had it, but don't. Wait, wait, wait (sigh)

    More waiting....taps fingers on desk, checks, wait....

    Hurry up and wait.
    Nice work Google!
    Dietrich T. Schmitz, ~ Your Linux Advocate
    • RE: Google's two-factor sign-in: Use it

      @Dietrich T. Schmitz

      Hi - it may take a couple days to be available for all Google Accounts.
      NishitShah
  • RE: Google's two-factor sign-in: Use it

    Is this going to break all the Google Reader mobile apps?
    joeyw72
    • RE: Google's two-factor sign-in: Use it

      @joeyw72 <br><br>It will likely require an application-specific password for each application on each computer. The nice part is that you can revoke the password at anytime, breaking it for the person who may have stolen your computer (or phone).
      Jason@...
  • RE: Google's two-factor sign-in: Use it

    Will this be a required step or do we have the choice not to go two-factor?
    jehill1949
    • RE: Google's two-factor sign-in: Use it

      @jehill1949

      It opt-in. :)
      NishitShah
  • RE: Google's two-factor sign-in: Use it

    Awesome! Can't wait to secure my personal email address. With two-factor authentication, SSL client access, TLS encrypted transport, and sender authentication, we are on the way to trusting email a little more.
    Jason@...
  • RE: Google's two-factor sign-in: Use it

    Hey i've got a great idea three factor sign in....wheres my bonus?
    XDotNet
  • Nah...

    ...don't think so.
    james347
  • What abt already hacked google account ??

    But what about the google account which has been already compromised ?? Does google trying to check those as well ??
    kapalkailash
  • Not convinced

    So I have to tell Google my phone number? I don't fancy that.
    RogerInHaddenham@...
    • U.S. 'way' behind Europe on two-factor authentication

      @RogerInHaddenham@...

      Two-factor authentication is standard fare in Europe. Get used to it, b/c it eliminates all of the usual 'hack' man-in-the-middle cracks that are, quite frankly, running rampant on the Internet.

      ZDNet would do well to do same and they'd get rid of the 'rif raf' and improve the quality of the Talkback forum in one fell swoop.

      Larry Dignan, this is pretty easy to implement:

      h-t-t-p://www.phonefactor.com/
      Dietrich T. Schmitz, ~ Your Linux Advocate
      • RE: Google's two-factor sign-in: Use it

        @Dietrich T. Schmitz, Your Linux Advocate ...
        "Get used to it"!!!
        ..."running rampant on the Internet". :-O
        Hmmm. I take it you meant 'riffraff'.
        Yes, Get right on that, Larry.
        RDrrr
        • Good Catch!

          @RDrrr
          What are you, the Typo Police?
          Dietrich T. Schmitz, ~ Your Linux Advocate
    • your phone number....

      @RogerInHaddenham@...Don't worry: Google probably already has your phone number, just wants you to verify it...
      Common+Sense
  • RE: Google's two-factor sign-in: Use it

    I have no desire to use this two-factor service. None at all.
    Marc-LI
  • RE: Google's two-factor sign-in: Use it

    This procedure rashly assumes you have a mobile phone.
    garycoryer@...
  • RE: Google's two-factor sign-in: Use it

    It's a great idea *unless* it's not possible to contact you by phone, for instance if you are traveling outside of the US. There needs to be an alternative to receiving the code by text messaging.

    Katrina
    katrinakvr@...
  • RE: Google's two-factor sign-in: Use it

    It's nice for the folks at Google that they all live where there is fast internet and good cell service. It must also be nice for them to believe that everybody lives in that world.
    guywayne