The Google 2-step! By Drew Kwashnak If you are one of those users with “password” as your password, might I suggest you use Google for your email, calendar and other online needs! Even if you use a password not on the list of “The Top 500 Worst Passwords of All Time” it might be a good idea to use Google’s 2-step verification. The 2-Step Verification is, in Google’s own words:
This Verification code is not another password to memorize. Instead, the verification code is generated at the time you try logging in, and is only valid for a short period of time. Even if somebody were to pluck your username, password AND verification code out of the air they are to act quickly before the verification code is expired. Corporations have made use of this verification method for years but have had to rely on distributing a keychain FOB with an automatically changing verification code. Google uses something more readily available; your phone. When turning on 2-step verification for your Google Account you are walked through the set up process. At minimum you have to supply a phone number and you have the option receiving the verification code either as an SMS (text) message, or an automated voice message. While you can change which method to receive the verification code when logging in, you cannot change where it is sent. This also means anybody trying to log into your account cannot redirect the verification code to their phone. You can, however, set up a second backup phone and method. This is helpful just in case you don’t have your phone handy.
Once you have successfully logged in, you don’t have to worry about going through this process every time. It remembers the computer you are using and afterwards it will function with just your username and password, unless you log completely out. Since most local applications, such as email or chat clients, do not know how to handle a verification code, you can create what is called Application Passwords. These are randomly generated, strong passwords that allow only applications to access your Google Applications, not a browser and not your account settings. These passwords can be easily created and deleted as necessary only after logging into the account using the 2-step Verification. This could be used for temporary use, easily changing the password every so often, or having each system or application use their password. So not only does Google add a layer of security with the additional verification code, it also separates application-level access with the account settings controls to limit the damage somebody can do if they were to gain access to your username and password. Once set up it is not a difficult process to follow, and the return of greater security is well worth it in my opinion. Drew Kwashnak spends way too much time on the web and ran across this feature from Google when his account was closed for “suspicious activity”. Since then, he hasn’t had any issues with “suspicious activity” or the like. |
That’s it! The next time you log into your Google Account, or any of the numerous Google Apps, you will get the familiar login request except when you click Sign In, you will see a page asking for your Verification code and within moments your phone will be receiving this code.
 Click Here |
 |
 |
DacsGear!
|