Monday, April 11, 2011

2-Step verification for Your Google Account (my thoughts)

If you're like me, feeling paranoid at times that someone might be hacking or simply snooping on your precious Google account, hear ye! Cuz the big G has rolled out a more secure log-in to your record, be it Gmail, Picasa, Blogger or the rest of the plethora of Google ingenuity. This feature has been available for a while, but only now have I fiddled with it to activate it.

There's the big WHY? As I was asking myself: is it really necessary to have this 2-step verification? It's better to be prepared than to have nothing at all. You might remember the news about phishing and the account hacks at Lifehacker (to name a few), and there was also news before that Gmail accounts were hacked. Kind of creepy: lots and lots of black hats out there are emerging to spread their malicious intent or solely to prove their in-depth knowledge in the world of hacking.

To simplify things, what is this 2-Step Verification all about? It boils down to two things (kind of redundant, am I? hehehe):
- enter your password (1st step)
- enter your verification code (2nd step)
Once you've passed through these two steps, you can access your Google account.

The 2nd step is where the complication is. There are 3 ways to get your verification code (well, so far as of this writing).

When you set up/turn on the 2-step verification feature, Google asks you to customize how you'd like to get your codes. The three options below are irrevocable:
- via Mobile App (for iPhone, BlackBerry, Android) - I'm not really sure if you could turn on the feature if you don't have one of these kinds of smartphones, really! I don't remember getting a SKIP option when I was asked which phone I use!
- via Text Message (sent to the mobile number you've entered)
- via Printable Pre-Given Codes that you must print and store in a safe place (you bet I didn't print those; I just took a screenshot, saved it as a JPEG and dropped it into my cloud-based application)

After all that configuration, Google warned me that I would be signed out of all Google apps on my own computer, including other devices such as smartphones or tablets where I was initially logged on. To kill the anxiety of getting over this, I clicked confirm and there you go! My 2-step verification has been activated.

Now it's time for the real drama. I checked my iPhone to see if my POP mail was still up and running. Oh no! It wasn't. Next stop, I checked my Gmail-configured MS Outlook and sent a test mail. Oh no! Failed. I checked my web-based Google apps like Gmail and Blogger: I entered my password, then it asked me to enter the verification code, which I got through the Google Authenticator app on iOS, and presto, it worked. Now I gotta solve the non-web-centric apps like Outlook and POP mail on the iPhone.

Thankfully, there's what you call "application specific passwords". Below is a screenshot of what this is all about:
In layman's terms, Outlook, for example, couldn't override the 2-step verification feature; same thing with the iPhone's Mail. So in order to resolve this dilemma, Google has provided the option of "Application Specific Passwords". To concretize this, say for my iPhone Mail application, where Gmail is enabled, I have to re-enter NOT my original password nor my 2nd-step verification code but the "application specific password", which can be generated from the Google account settings. Behold, and worry not, because you will only enter this once; no need to memorize it at all.

I've tried it, and everything is perfect again. Smooth and happily smiling - my Outlook and my iPhone mail app.

To tell you honestly, I was relieved to know that I've successfully straightened things out. Now I feel more secure with my data and account from Google. There are what-ifs, like what if my phone is lost? Or what if my printed codes are gone? As per Google policy, I wouldn't be able to access my account! - ever. They advised that at least one of those three options for the 2nd step must always be accessible in order for me to get a code handy.

I do recommend that y'all who have Google accounts try and activate this feature. Pretty neat and interesting. This is like logging in to super-secured online banking.







macdosage@gmail.com