Google Rolls Out Advanced Sign-In Security

Martin Brinkmann
Feb 10, 2011
Updated • Dec 14, 2014
Google
|
4

A Google account is currently only protected by a username, which in most cases is an email address, and a password. Threats like phishing, brute forcing and social engineering are very common on today's Internet that try to gain access to a user's account information to gain access to the account.-

To protect its users, Google has decided to roll out an advanced sign-in security feature for Google accounts that makes those attack forms more or less useless.

Update: The easiest option to enable 2-step verification on Google is to open the My Account settings to do so. Google has changed how the feature is enabled and this is the way to do it. Locate 2-step verification on the page and follow instructions to set it up.

The 2-step verification is currently rolled out to all users. You can check the Account Settings page to see if the "Using 2-step verification" link is already available under Personal Settings > Security.

But what does it do? It basically adds a second login step after the username and password have been entered.

using 2 step verification

It is possible to receive the code via SMS, a call from Google or with a software that gets installed on the phone so that the code can be generated directly without direct contact to Google or the Internet. The software is available for Android, BlackBerry or iPhone devices currently.

The code is a unique temporary verification code that needs to be entered during login.

Once you enable 2-step verification, you'll see an extra page that prompts you for a code when you sign in to your account. After entering your password, Google will call you with the code, send you an SMS message or give you the choice to generate the code for yourself using a mobile application on your Android, BlackBerry or iPhone device. The choice is up to you. When you enter this code after correctly submitting your password we'll have a pretty good idea that the person signing in is actually you.

A hacker would need access to both the phone and the Google login information to access the account. While that is still possible under certain circumstances it eliminates many possible attack vectors.

The verification code can be remembered for 30 days on a specific computer so that it only needs to be entered again once the 30 day period is over. There is also an option to create a one-time application specific password to sign in from non-browser based applications that do not prompt for the code.

A backup phone and backup codes can be created in case the phone gets destroyed, stolen or lost.

google 2-step verification

Users need to carry their phone with them if they want to access the Google account. They also need to make sure that the phone is accessible, as it is not possible to log in to the account if it is not. (via)

Another issue that users may experience is that some apps and services don't support the new login verification system. Google makes available app-specific passwords that can be generated on the 2-step verification website for use in these programs.

Summary
Google Rolls Out Advanced Sign-In Security
Article Name
Google Rolls Out Advanced Sign-In Security
Description
Google enabled a new authentication option called 2-step verification which improves the login security when signing in to Google accounts.
Author
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. toula said on April 24, 2014 at 4:47 pm
    Reply

    PLEASE HELP ME!

    My brother was visiting for Easter and asked to access his email acct
    He has gmail

    Since then on my Google home page displays his email acct as if he is the owner of my computer, and if I try to get access to gmail his ONE Acct All Sign In comes out
    Tried to create as a new gmail acct, and it says something about creating a secondary acct as if he is the one that owns my computer and I am a secondary acct.

    I feel that I do not own my computer anymore How can I get this out?

    PLEASE HELP!

    1. Martin Brinkmann said on April 24, 2014 at 6:33 pm
      Reply

      You need to sign out first before you sign in to your account.

  2. Bankdroid said on February 12, 2011 at 11:09 am
    Reply

    Well, if somebody has a sample of that message, I can add it to SMS Key app on Android to help using it in comfortable manner. Unfortunately it is really not available for all users. I don’t have this option neither.

  3. Ross said on February 12, 2011 at 1:08 am
    Reply

    “The 2-step verification is currently rolled out to all users.” No, it’s not rolled out to ALL users. I have that link, but when I go there, there’s a yellow tag saying “This is an advanced feature. 2-step verification for this account will be available soon.”

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.