Google has now set the bar a little higher for Internet account security. The super-paranoid (like yours truly) can now further secure their Gmail through the use of Google’s new two-factor authentication system.
While not as cool as using YubiKey for LastPass, you can now use your phone to generate a one-time password to gain access to your Google account. As I’ve covered before, you shouldn’t be using the same password for multiple online accounts, and you really shouldn’t be using your main email password for anything else, as it is the go-to place for account recovery. But even if you are, this additional layer of security will make compromising your account nearly impossible.
Over the next couple of days, all Google account users should see the Account Settings page get updated with a “Using 2-step verification” link. The Google Blog explains the process:
Take your time to carefully set up 2-step verification—we expect it may take up to 15 minutes to enroll. A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone. Once you enable 2-step verification, you’ll see an extra page that prompts you for a code when you sign in to your account. After entering your password, Google will call you with the code, send you an SMS message or give you the choice to generate the code for yourself using a mobile application on your Android, BlackBerry or iPhone device. The choice is up to you. When you enter this code after correctly submitting your password we’ll have a pretty good idea that the person signing in is actually you.
If you’re using chat clients, or ActiveSync on an iPhone, that aren’t web based and so can’t ask for the second one-time password, you can also set up one-time application-specific passwords to sign in to your account. This means each device will have its own access code, further decreasing the ability to compromise your account if that password is stolen.
While I do not currently have access to 2-step on my account, Frank activated it on his and said the process can be a bit daunting for the “average” user… but none of our visitors are average, so knock yourself out!