Using 2-step verification

Uploaded by Google on 27.05.2011

Do you ever use the same password for multiple websites? Do you ever sign in to Google Mail
from a public or shared computer? Such actions weaken your password and make it easier to
steal. Google now offers 2-step verification, an optional security feature that helps protect
your account even if your password is stolen or cracked. This new feature helps improve
security because signing in requires 2 things -- something you know -- your password -- and
something you have -- your phone. It’s much like what you might see on your banking website.
With 2-step verification, you'll get a short numeric code -- known as a verification code
-- on your phone. You'll then enter this in addition to your username and password when
you sign in. Let’s take a look at how you’ll sign in
with 2-step verification. After you sign in with your username and password, Google will
ask you for a verification code. If you chose to receive a text or voice message
when you set up 2-step verification, Google will then send it to you on your phone. If
you’re an Android, BlackBerry, or iPhone user, you can also choose to generate a code
on your phone using the Google Authenticator app.
Enter the code from your phone. If you trust this computer you can check this
box and you won’t be asked for another verification code for 30 days.
To set up 2-step verification, sign in to your Google Account and go to your Account
Settings page. Then, click "Using 2-step verification." On the next screen, click "Set up 2-step verification."
Follow the directions on your screen to choose how to receive 2-step verification codes.
You can receive your verification code in an SMS text message, in a voice call to your
landline or mobile phone, or by generating a code using the free
Google Authenticator app on your Android, BlackBerry, iPhone, iPad, or iPod Touch.
But what if your phone is unavailable, lost, or stolen? Next you’ll add two backup options
for receiving verification codes. Write down or print your backup verification
codes. You can use these in case your phone is not
available or if you are traveling. Keep them in a safe and accessible place.
You’ll also need to add a backup phone that you can use if you lose access to your primary
phone. This can be a work or home phone, or the phone of someone you trust, like a friend
or family member. 2-step verification protects your Google Account
whenever you sign in from a web browser. However, devices and applications -- like smartphones,
the Picasa desktop application, and Microsoft Outlook -- can't ask you for verification
codes, only your username and password. In order to help keep these applications safe,
you’ll need to use a special password, called an application-specific password, instead
of your regular account password. Application-specific passwords are generated by Google upon your
request, and you do not need to remember them since you should only need to enter them once!
To illustrate, let's set up the Mail app on an iPhone using an application-specific password.
First you need to create an application-specific password. Go to your Account Settings page
and click "Authorizing applications & sites." Enter the name of the application this password
is for -- in this case, "Gmail on my iPhone." Then, click generate.
Enter the application-specific password on your iPhone … And you’re done!
We know application-specific passwords are long and hard to remember -- that's why you
don't have to! You should only need to enter these passwords once per application or device,
and you can always revoke and generate a new password if needed.
Thanks for trying 2-step verification and kudos to you for taking extra steps to protect
your account!