Google Account which enables you to access services like Gmail, Docs, Google Adsense, Analytics, Orkut, AdWords and many more should be properly secured as hackers only need your one ID and password to access these all enabled services. Google uses SSL security in login as one layer of security but in case hacker manage to guess your password (if using a weak password) then your account will be compromised. To add one more layer of security on Google accounts login, they have added a new option named “2-Step Verification”. Once the 2-Step Verification is enabled on your account, you or others will have to enter a secured key along with the regular password. This is similar to the RSA SecurID which is very common in IT companies for accessing companies Intranet or other secured networks.
The verification key will be generated on your own mobile phone so it is not possible for hacker to guess that key as well. A key will be valid for very short period (say 2 minutes) and then your mobile will generate a new key. This means, you will enter different keys every time you sign-in with your Google Account. If you are access Google Services on your own trusted computer, you can choose to avoid key entering for 30 days i.e. one key will work for 30 days and you will not be asked to enter the same within that period on same computer.
Here is how you will enable 2-Step verification and how you will generate and get key from your mobile phone for Google Account.
– Login with your Google Account and select “Account Settings” from the top-right corner of Search Engine’s home page
– Click on “Using 2-Step Verification” which is available under Security section
– On next screen, you will be asked to “set up 2-step verification”. Click on that
– It will ask for the type of verification on your Smartphone. If you are using Android phone, iPhone, BlackBerry then there is a “Google Authenticator” app for these devices. You will have to download and install Google Authenticator on your Smartphone which will generate “verification key” without using any Internet service. That means, Google Authenticator doesn’t need active Internet connection or service to generate verification key.
You can also choose “None” to enable verification key to be sent on your mobile phone as text SMS. There is no charge for the same as well.
– As per your selection, either you will install app on your mobile device or get key in SMS. If you have installed an app on your device then one next screen, 2-step verification page will show you a QR Code to scan on your phone. This will add your Google Account in “Google Authenticator” and will generate a verification key for testing. Enter the generated verification (do that quickly as the key will change in 2 minutes) and click on “Verify”. Verification done for primary phone.
– In case your primary phone (the mobile phone you used in above steps) get stolen or you don’t have that with you, Google 2-step Verification with that phone is not possible. For that protection, Google provides 10 hard code number (verification keys), each will work only for once. You need to print or write those numbers on a paper and keep that with you.
– After that, you can add a backup mobile phone as well. In case your primary phone is stolen, you can ask Google to send verification key as SMS on backup phone.
Done. This way you can add extra layer of security and protection in your Google account and have peace of mind.
If you are getting error as “The code is incorrect. Try again 2 step verification” while testing the 2-step verification, then check the date and time set on your mobile phone. Your phone should have correct date and time. You can find the correct time on google by searching the keyword “local time” on Google Search Engine. Change the time and then open Google Authenticator to get new verification key. Enter the new key and you will be able to verify for 2-step verification.
You can add multiple account on Google Authenticator and get verification keys on same mobile phone for different accounts. To get more information on Google 2-Step Verification security measure, you can read details on this page. Here you will also find common issues and their fixes.
Important – Once you will enable 2-step verification on Google Account, few applications like Gmail for Mobile, Google Picasa for desktop, AdWords Editor etc. will stop working and will ask for password. At that time, you will have to give a generated password from this page as Verification Keys doesn’t work on these applications.