While I was doing an article on apps that really didn’t do anything, I ironically stumbled across a bevy of apps that were released by Google which I found to be quite useful.
For this post, I am going to look at the security that Google’s Authenticator offers. I believe that Google is a pioneer in offering a 2 factor authentication system for their password protected services.
The dangers of depending solely on your password
The recent hacking scandals have amplified the dangers on relying solely on your password for email access. Once your password is compromised (and believe me that it can be), the attacker can request a password reset on all other services such as Facebook, Skype, or MSN that have registered with that email address.
Google’s Added Layer of Security
Google Authenticator acts as a 2nd layer of security for you email. Similar to a bank’s security token, the App generates a random unique code which you have to input in addition to your Gmail password.
As a new code is generated, Google’s servers simultaneously generate the same code. This code is only valid for a 30 second window for you to input on the log-in screen before it switches again.
So essentially, a person that is trying to hack your email password will have to also steal or hack your phone.
Here’s what you need to do
(1) Downloading the Google Authenticator App
(2) On a computer, sign in to the 2-step verification settings page.
(3) Click Set up 2-step verification.
(4) Select iPhone from the drop-down menu and click “Next.”
(5) Click + on your Google Authenticator App and use your phone to scan the barcode.
(6) Follow the on screen instructions
After setting up, you will be logged out of all your Google related accounts, you will be required to sign in again with your password and the unique passcode generated on the Google Authenticator App.
Logging in with your iDevice
Using your iDevice to log into your Google services require an Application specific password that replaces your normal Gmail password. You can generate this on the setup process and use them on your device in lieu of the password. In this case, I went to change my iPhone’s Gmail password to the specific password generated to be able to access my email. You only need to input this once.
What if You lose your iPhone
In the event you have lose your iPhone, you get to select a phone number to send the verification code to. This can be done via an sms or voice. Alternatively, you can pre-generate a list of 10 verification codes which can be used (once) for logging in.
Either way, use the verification code to log in (which will last for 30 days) until you find or buy a new phone.
I got the whole process done in 5-10 minutes and found the process pretty straightforward. I urge those of you that use Gmail (Google related Accounts) to use this authentication system to tighten up your security.
Google Authenticator is available on the App store (free). You can also watch the demo video that introduces this service:
What do you think about Google’s 2-step verification?