In the last week Mat Honan of Wired Magazine has written a series of articles on how his digital accounts were hacked. In one day he lost control of his Twitter, Gmail, Amazon account, Apple ID and perhaps worst of all, lost everything on (and access to) all of his Apple devices including his iPhone, iPad and Mac. Though Apple and Amazon are acting to improve their security flaws, its time to face the facts, when a 19-year-old can hack your entire digital life it’s time to step up your security. Wired has in fact released a wonderful general list of strategies to make your online life secure.
As you will read most of this destruction could have been prevented with Google 2-step verification. This by no means will make you “hack-proof” (quite frankly hackers always surprise and amaze me with their cunning and innovation) but it’s a step in the right direction. I’ll admit I had used 2-step before and turned it off because I hated having to verify myself every time I logged in, but the system has evolved. You can now set certain computers as a “trusted device” (only do this on private or secure computers) and when you log on from that particular device you will no longer need a verification code. Honestly, you may never be hacked, but Honan’s story has demonstrated that if you are then the cost of not using extra security measures is much higher than we ever imagined. What follows is a quick guide to setting up Google 2-step and an ingenious app that will make your life a little easier while using it.
To Set Up Google 2-step:
- In your Google account, in the top right hand corner you should see a downward facing arrow next to your profile image (or a little blue silhouette of a person). Click the arrow and a drop down menu with your profile information should appear, click “Account”.
- Next, on the left hand side you’ll see a sidebar menu. Click “Security” (one down). You will see a simple page with three options: Password management, 2-step verification, and Authorizing applications and sites. If is says “Status: Off” to the right of 2-step verification, to enable is click “edit”.
- You’ll see a set up screen that explains the steps that follow. First, since you are altering critical security steps, you’ll have to log-in again. If you have not already, you’ll then be prompted to add your cell phone number (it’s okay) on which you can receive texts or voicemail. You’ll soon see a little box with “verify” next to it, Google will send either a text or voicemail (whichever you chose) with your 6-digit verification code in it. Type it into the box (If you’re on your own computer you can select the box underneath that says trust this computer – this means you will no longer need a verification code when you log in on that computer) and click verify.
- You’ve just set up Google 2-step! Anytime you log in on a new computer or a computer that is not a “trusted” computer, you will be asked to verify your log-in. You’ll get the code the same way you did during set up via text or voice message. If you want to turn it off follow steps 1-2 and select “Turn off 2-step verification” in the blue box at the top of the page.
See Google’s tutorial on 2-step verification. If you use Outlook or Mail (or similar applications) to read your email you’ll have to generate specific passwords for them (Don’t worry you should only have to do it once!).
Smartphone users: The app that changes everything.
This app offered by Google was a game changer for me. It provides you with verification codes without the wait. It is also quite easy to configure.
- First you’ll need to go to your app store (or market, etc.) and search for Google Authenticator. Download and open the app. Tap the “+” sign and at the bottom of the screen, tap scan barcode.
- After setting up Google 2-step (see above), follow 1-2 again. Once you’ve clicked the edit button on the right of “2-step verification,” you will see the section “How to receive codes” and underneath it Mobile Application. On the right you will see Android, BlackBerry and iPhone; click on your phone (this tutorial is specific to iPhones. To see Google’s tutorials for BlackBerry and Android click Here.). A barcode should appear.
- Lift your phone and scan the barcode. You should see your email address and verification codes beneath it. On your computer, type in the 6-digit code in the box under the barcode and click verify. You should be all set!
You can use these codes to log-in at any time. If you have questions, or feel I left out something just let me know in the comments section!