23 June 2016

How to Turn on 2-Step Verification on Your Google Account

Leave a Comment
From single Google account, you can easily manage your YouTube, Gmail, Google Plus, Facebook and other social accounts at the same time. It's very important to keep it safe and secure. Once your Google account will be hacked, hacker can easily gain access to your other social accounts as well. For example, he can easily hack your Facebook and Twitter account by requesting a new password or if you're using the same password everywhere.

Google 2-Step Verification

Google is also trying every single effort to protect their users from spammers and hackers. One of the most popular feature is 2-step verification which adds an extra security layer to your account so that no one can access your private information even if they got to know about your password. In this tutorial, I will explain you everything about this feature and how to turn it on your Gmail account.

What is 2-step verification? How does it works?

2-step verification, also know as "2-Step Authentication", is a feature which adds an extra security layer to your account. Normally, you need to type the email address and password to login to your account. But when this feature is enabled, you've to type another OTP (one time password) to complete the login process.

This OTP is a 6-digit number which is sent on your registered mobile number each time when someone (you or the hacker) will try to access your account. Only you can get this security code, so no other person can hack your account. As name itself speaks, 2-steps means you've to pass 2 security checks. First one by entering the real password and second one by entering this randomly generated security code.

Even if the hacker got to know about your email address and password, he need to type this second security code in order to get the complete access to your account. And of course, this code isn't easy to get unless they have your mobile phone.

Steps to turn on 2-step verification

Now if you want to enable this 2-step verification in your Google account, simply follow these steps -
  1. First of all, go to Google's two-step verification page and click on "Get started" button.
  2. Now type your email address and password to login again.
  3. Here you'll find your mobile number that is already associated with your account. You'll receive all text messages on this number. So make that it's correct and working. Also, add the correct country code.

    Set up the phone
  4. Under "How should we send you codes?" section, select "Text message" or "Voice call" option as per your own choice and then tap "Try it" button.
  5. Now Google will send you a 6-digit verification code on your mobile number. Simply enter it in the given field and press "Next" button. If you don't get any code, please re-check your mobile number and try once again.

    Enter the code
  6. After processing, it will show a success message. To enable this 2-step verification, simply click "Turn on" button and that's it.

    Turn on 2-step verification
Now you'll receive a confirmation email in your Gmail inbox showing that you've successfully enabled this 2-step verification in your Google account. Next time, you'll be asked to give a security code along with the normal password to complete the login process.

If you're using your personal computer, you can tell Google to trust it and then, you don't need to type this security code each time. Google will automatically remember it. However, for other devices, you've pass this 2-step verification as usual. To add your current device in a trusted list, simply tick mark "Don't ask for this computer" option while logging in to your Google account.

Different ways to generate code

Apart from text messages, you can also use other methods to generate security code for the verification process. Here's a complete guide -

Use backup codes

In case, if you're unable to access your mobile phone at a particular time, you can use backup codes to complete the login process. These codes come in a set of 10 and they are 8-digit numbers. (see below picture)

Backup codes

Instead of typing the verification code, you can type any of the backup code to login. Note that, each code will expire after one use. However, you can generate a new set of backup codes any time. In addition, old set will expire automatically.

To get your backup codes, first go to the 2-step verification page and click "Show/Setup backup codes" option. Now manually copy all the codes on paper, print them or save them in a txt file in your computer. As these backup codes are important so you should keep them in a safe place.

Use Google Authenticator app

Google Authenticator is an app which is used to generate security codes if you don't want to receive them via text messages. Good thing is that, you don't need any Internet connection and mobile service to use this app. This works in the same manner as Code Generator works in case of Facebook. You can download this app from your phone's app store like from Google Play in Android phones. It is also available for iPhone and BlackBerry platforms.

Use security key

This is another way to add an extra security layer to your Google accounts. If you don't want to type verification codes each time, you can use security key as your primary choice. At the time of login, you just need to insert this security key (a physical device but not same as pen drive) into your computer's USB port when asked.

You've to buy a special kind of device (or USB) named as "FIDO U2F Security Key" which you can order from Amazon. They are easy to carry in pocket. Unfortunately, this feature isn't available in Android phones as they don't have USB ports. Security key also doesn't work on browsers other than Chrome.

Add a backup phone

You can also add a backup phone of your family member to get verification security codes in it, if you're unable to access your primary mobile number. This can be helpful if your phone is broken, lost or stolen by someone. You can request a new security code any time on your backup phone. To add it, again to the 2-step verification page and click "Add a phone number" option under "Backup phone" section.

Application-specific passwords

Some apps such as Gmail, YouTube or Outlook on iPhone and iPad don't work with verification codes. While logging into your account, you'll get an error message. If you're facing the same problem, you've to create an application-specific passwords manually for each app to login your account successfully.

To create these passwords, first go to your App Passwords page (It may ask you to login again). Now select the app and device name and finally tap "Generate" button. You'll receive a 16-digit security code that you've to enter for that particular app.

Generate application-specific password

Fortunately, you just need to verify this one time only. Then after, Google will automatically remember it. You can also revoke app access any time. For example, If your phone is stolen, you should immediately revoke all app access to your account so that no one can access your private data.

Add recovery options

In case, if your forget the password or can't get the security codes, then how can you sign in to your Google account? Well this can be possible with recovery options. You can add your family member email address and mobile number to recover your account by requesting a new password.

To add these recovery options, first go to the sign-in and security page and login to your Google account. Under recovery section, you can easily change or add a new recovery email address and password for your account.

How safe and secure 2-step verification is?

There is no doubt that 2-step verification is a great way to protect your account from hackers and it actually adds a double-layered security. But still you've to be very careful. There is no guarantee that you're 100% safe and secure. Now a days, hackers are trying different ways to break Google's security. They may send you a message asking for your password or security code. Around 70% of people are hacked due to their carelessness. Remember that, Google never ask for any personal details.

You've to keep two little things in your mind and this is all what you can do. First one is, you should use a strong password (more than 10 digits) which isn't easy to hack and guess. Use number and special character in it. Secondly, don't share your security code with anyone, even if they pretend to be an official.

If you think you're hacked, you should immediately change your password or recovery it before it's too late. Also, revoke all app access to your account. This is all what you need to know about Google's two-step verification feature. If you've any doubts, feel free to ask me in below comment box. What do you think about this feature?

Leave A Comment