More and more these days people are relying on using Google as their main way of using services online such as email, in the form of Gmail, or for backing up their important data like pictures and documents to Google’s free file storage service, Google Drive. However, most people use a single password in order to gain access to their Google account which can make it a lot easier for hackers to gain access to. Luckily, Google has created a very simple way for users to add an extra layer of security for their accounts in the form of 2-Step-Verification. This also means that even if someone knows the password for your Google account, they would still have to be able to get passed Google’s 2-step-verification in order to access your account on another device.
Having 2-step-verification, or 2FA as it is sometimes called, enabled for your Google account is the one thing that many people don’t ever bother getting around to until it is too late. However, getting it set up on your account is a pretty simple thing to do and should only take you a minute to complete, if that. Here’s how to get it set up for your account:
Firstly, head to this page and click on Start setup.
If you have multiple accounts, click on Sign in with a different account, select the one that you wish to enable 2-Step-Verification on and sign in.
Once you have signed in, you will be asked which phone Google should send a numeric code to in order to start setting up 2-Step-Verification on. If you had previously given Google your mobile number when initially setting up your account, then they will have it stored. If not, you will be asked to add one. It is a good idea to have your mobile number saved to your Google account as it can make recovering your account much easier should you lose your password and/or mobile phone. If you don’t have a mobile phone or device capable of receiving SMS (text messages) then choose Voice Call, and it will be sent to your land line instead.
Next, click on Send Code to continue.
You will now be sent an SMS message from Google with a 6-digit code. Simply enter that code into the box in the next step and click on Verify.
Once you have verified the code that was sent to you, you will get a window whereby you can select to trust the computer that you are currently using to have access to your Google account. Please note that you should have the Trust this computer box checked if you are the only one that will have access to the computer, or that you trust the people who are able to use the computer as well. You can always change the computers you trust later if you like. For now though, I will be selecting this computer as trusted for the purposes of this tutorial.
Click Next to move on to the next step to confirm that you wish to turn on 2-Step-Verification
That’s it. You have now added an extra level of security to your Google account, which includes all Google products including Gmail and Google Drive. You can turn off 2-Step-Verification any time you wish by simply going to the Signing in & security section of your Google account, selecting 2-Step-Verification. Then sign in, and input your security code if asked and turn off your 2-Step-Verification.
However, there are still two very important steps to complete, which are adding an emergency number to receive your 2-Step-Verification code to and also to create backup codes for your account. These two should be completed as you may lose your mobile in the future, get it stolen or not have access to it for some reason. I will also be covering how to use the Google Authenticator app as well, that will allow to generate access codes which are useful if you find that you have no signal on your phone, or are unable to get to you backup phone or backup codes.
Firstly, let’s create a backup number. This is important as you may lose your mobile phone or get it stolen and need to gain access to your Google account on another device or computer. The number that you choose is completely up to you, but should be one that you are able to get access to should an emergency arise. Examples could be adding your Mum or Dad’s number, or that of a close and trusted friend or partner. To create a backup phone, head to the 2-Step-Verification section of your Google account that shows how you normally receive codes. You should now see a page similar to the one below:
Firstly, let’s start with adding a phone number. Input the number you will be using as your backup phone. (you can choose either another mobile device, or select Voice Call for a landline) You can also test the number by hitting, Send Code. This is optional though, but worth testing as you may have in putted the wrong number. Once you are satisfied, hit Save. You may be required to sign-in again after hitting Save.
Note that after hitting Save you will be redirected back to the 2-Step-Verification page again which will now show that you have added a backup number This number can be edited at any time and you are also able to add additional numbers as well, which is advised.
Next we are going to create some backup codes. These codes can either be printed out or downloaded and saved somewhere safe so that should you lose your mobile device and also be unable to use the backup phone you had, you will still be able to access your account via your Backup Codes. There are 10 codes that will be automatically created for you and you can only use each code once. If you find that you have used up all of your codes, then you are able to create more in the future. To start the process, either click on Print or download under Backup Codes on the page you are on, or simply head here to see the option.
Once you have selected to Print or Download your backup codes, you will see them as below.
You should store these in a safe place that you are able to access, but other people are not. You can either choose to save them as a .txt file or simply print them off. If you need to generate more in the future then just head here and create more.
OK, so we have now covered the basics of turning on 2-Step-Verification for your Google account as well as adding an additional number to have codes sent to should you lose access to your mobile phone as well as creating back codes that can come in handy should you not be able to use the emergency backup phone as well.
Using the official Google Authenticator app to generate codes instead of having them sent to your mobile
The next step is optional, but one I use for any account I have that uses 2-Step-Verification/2FA as a security feature. Most sites these days that offer additional secure ways off accessing your site will also allow you to generate codes on mobile apps such as Google’s Authenticator app. The app support multiple accounts so you are able to generate codes for as many sites that you require such as Dropbox, Facebook, LinkedIn, WordPress, Slack, Crypto currency exchanges and of course Google.
To start using the app to generate your codes instead, you will first need to download it to your device. The app can be used on the following devices:
- Android – Android 2.1 or later
- iPhone, iPod Touch or iPad
- Blackberry Devices – head to m.google.com/authenticator on your device and download & install the app
For the purposes of this article though, I will be using my Android device (Nexus 5) to show you the steps.
Firstly, once you have downloaded the app, open it up. Next head to your Google 2-Step-Verification page to enable getting codes sent to the official mobile app instead of being sent in SMS form to your mobile.
Select the Switch to app button.
Select the device you are going to install the app on to and hit Continue.
A new window will open explaining how to generate your code via the app. It will also create a unique QR Code for you so you can scan it using the app. If you don’t have any software on your device in which to scan a QR code, then you are given the option to manually write down your Secret Key, by clicking on the Can’t scan the barcode link. For this article I will assume that you do have QR scanning software like Barcode Scanner (Android only) installed on your device.
To scan the barcode, select the Add an Account button. If you have used the app before, then simply go to the options menu (top right-hand corner) and select Set Up Account from the options.
Once you select Scan a barcode, the app will automatically use an available app to perform the scan (in my case Barcode Scanner by ZXing Team) and start creating codes for you.
Now use the code that it has generated for you and enter it in to the Code area.
Hit Verify and Save to complete the process.
Now every time that you need to access your Google account from a device that you haven’t set up as a trusted device, all you have to do is open the Google Authenticator app on your mobile and scroll down to your account. Note that if you only use the app for a couple of sites you won’t have to scroll at all and it will show immediately. I have a long list of sites that I use 2-Step-Verification/2FA on so scrolling is needed. The codes will change every 30 seconds, so don’t panic if you can’t enter it in time, as another code will be generated once the 30-second timer is up.
Hope that has been helpful.