Google has always worked hard to make sure Gmail is secure and they’ve done a great job with it. However, with so many people having so much in their Google accounts, it’s becoming even more important.
For example, here are a few of the things tied to my Google account:
- Gmail — Nearly 100,000 emails from the last 7 years.
- Google Reader — Where I get most of my news.
- Google Voice — Where I send/receive most of my calls and texts.
- Google Calendar — All of my appointments, shared with various people.
- Google Analytics — Web traffic stat program for my sites and many of my client’s sites.
- Google AdSense — Their ad program, where much of my income comes from.
- Google Docs — Where I store many of my documents and spreadsheets.
- YouTube — I don’t have a ton of videos up there, but I’d hate to lose them.
Needless to say, losing access to my account would be very bad. You’re likely in a similar situation, at least to some degree.
Fortunately, Google has just given you an option to make your account much more secure, and I recommend you enabled it. It’s a feature called “2-step verification”.
2-step Verification
So what is? Rather than simply entering a password (“something you know“), you also have to type in an ever-changing password from your phone (“something you have“). This means that if someone steals/guesses your password, they still can’t get in without your phone. If someone steals you phone, they still can’t get in without your password. I’m sure you can dream up a scenario where someone gets access to both, but you’ll have to admit that this is much more secure than a simple password.
How does it work?
Google has a nice page with info about it, but you simply need to enter a code from your phone after you type in your normal password. This code can be generated by an iPhone/Android/BlackBerry app on your phone, or sent to you via SMS or an automated phone call. In any case, this proves that you have your phone on you, which no random hacker will have access to.
What a pain!
This sounds cool, but it sounds like a lot of extra work, doesn’t it? Two thoughts on that:
- Yes, yes it does. But how important is your data? A few extra minutes worth of work is certainly worth the extra protection.
- You can have your computer remember your info for 30 days, so you won’t need it very often. Once you get it set up, it’ll be fairly rare that you’ll need to do it again.
How do I get started?
To get started, go to your main Google Account settings page and click on the “Using 2-step verification” link on the right. Google is still rolling this out to all accounts, so yours might not be active yet.
This feature is also available to Google Apps users, but you may need to visit this link for info.
Get started now
I think this is an awesome new feature to have and I’m excited to be able to add it to my account. Losing access to this account would be quite horrible, so any extra protection I can add will be excellent. Don’t waste time thinking about it; if this is available for your account, go enable it right now!
Have you enabled this feature on your Google account yet?