Two-factor authentication (2FA) is a somewhat new concept to many people, but with the wave of passwords thefts from popular sites (32 million stolen from Twitter, 117 million from LinkedIn, and over 270 million from various email services), it is almost a necessity nowadays. Google has provided 2FA for your Google accounts, for several years, and I encourage anyone who has any online asset (like a bank account)to use it – especially if you use Gmail. Often times hackers that steal this information will not try to log in to Twitter or LinkedIn, but to your email account, hoping that you have reused the password. With access to your email, someone can take almost complete control of your digital life (and finances) in only a few minutes.
Two-Factor Authentication for Security
Google’s 2FA requires you to enter a specific (but random) 6-digit code or have a secure USB stick handy when you first log-in to a Google service from a new device or a different location. Since it only appears the first time you log in, it’s not very obtrusive, but it does provide drastically increased security – since a stolen password/email combination alone is now useless to log in.
Despite the ease of getting an SMS message or using Google’s own Authenticator app (which is available on both iOS and Android), there are still lots of people that don’t use 2FA due to the very small inconvenience when you first log in on a device. Now, Google has made it even easier!
Google Prompt Makes it Easy
Instead of the 6-digit codes, users can now switch to the “Google Prompt”, which uses a simple push notification on your phone. When you log in from a new computer or location, a simple dialogue box with a message asking you if you are actually trying to log in, or if this is unauthorized access. Simply tapping on “Yes” will let you log in. No apps to open, codes to remember, or USB sticks to carry around.
You should, of course, have some sort of lock screen security, but this new Google Prompt makes 2FA even easier to set up. To set up 2-Factor Authentication on your account or switch it over to Google Prompt, go to your Google Sign-in and Security page and scroll down to “2-Step Verification”. This is available to both Android and iOS users, so if you’ve put of 2FA, you’ve got no excuse now!
One Final Word About Password Security
Additionally, if you are using the same password for multiple sites (even if you’re using small variations, like zeros for the letter-O), you really should stop that immediately. I use LastPass to keep track of my passwords, and it works like a charm. I can keep track of passwords for all my sites, generate new ones (using a variety of rules), and it can even fill in passwords automatically on a phone, tablet, or computer. LastPass costs $12/year, for a Premium account, but it also has a free tier for you to try out. Other options for password managers include Dashlane, KeePass, and 1Password, but just make sure you use one!