In the early days of the internet, when things were simpler, a password was all you really need to protect your account. But in these days, when technology is developing at a rapid pace, a password is no longer enough This is why everyone should set up and use two-factor authentication as an added layer of security. Google Authenticator can help with this.
Two-factor authentication (2FA) also goes through two-factor authentication and multi-factor authentication. But whatever name you use, everything works the same, and it would be foolish not to use it if the website supports it.
That would mean the difference between a hack and no hack. All major websites like Gmail, Facebook, Twitter, and Dropbox have two factor authentication for their users.
What is two-factor authentication and how does it work?
2FA is the second level of security for your online accounts (your regular password is the first level). This is a code that must be entered into the website in question, after the password, to prove that you are the legal owner of the account.
There are three methods for obtaining a 2FA code – using an authenticator app like Google Authenticator, receiving text messages on your cell phone (which is not recommended due to SIM cloning) and YubiKey. The safest method is an authentication app, so today we’re going to show you how to set up and use Google Authenticator, the popular and easy-to-use two-factor authentication app.
What is Google Authenticator?
Authentication app is a smartphone app that automatically generates new 2FA codes for each of your configured accounts every 30 seconds. You must enter the correct number shown on the authenticator screen in the login field of your website before the code expires and a new code is generated instead.
If you enter the wrong code, say three times in a row, you will be blocked for a certain period of time.
The first thing to do is download and install the Google Authenticator app on your smartphone. It is available for free for both Android and iOS Never mind bad reviews. Some people complain that it is “basic†compared to a competing application, but sometimes the basic one is better. Don’t over complicate things.
How secure is two-factor authentication?
Unless you are using two-factor authentication, a potential hacker will simply need your password and they will log into your account. Considering everything people store in their emails these days (credit card details are just the beginning), a hacker infiltration would be a disaster.
But what if you used 2FA? Well, that changes everything. To get 2FA codes, a hacker needs to physically own your smartphone and know your phone’s PIN. They will then need to open Google Authenticator at the right time to get the right code before it expires in thirty seconds.
Of course, for some, the need to enter a code may seem like a pain in the ass, but using an extra ten seconds to enter a second code is much preferable to hacking and stealing your identity. P>
Get started with Google Authenticator
We are now going to show you how to set up your first account with two-factor authentication. Many sites offer two-factor authentication – just take a look at the Security section of the respective site. Or visit this site for a list of those who offer it and who don’t.
In our example, we’ll show you how to secure your Gmail account using Google Authenticator. The advantage of using it with Google is that 2FA will protect your entire Google account across all Google-owned services such as Gmail, Drive, Calendar, YouTube and many more. So this is a good place to start.
Setting up Google Authenticator on Google
- Go to your Google account settings page and sign in.
- On On the next page, click “Security” in the left sidebar.
- Scroll down to the “Sign in to Google” section and on the right you will see the 2-step verification option. Click on this now.
- On the next screen, log back in and click the blue Get Started icon at the bottom.
- On the next screen, you will be asked to select an identity verification method when setting up 2FA. They seem to prefer the “Google Hint” sent to the Gmail app on your phone or tablet. If you don’t have the Gmail app installed, or would rather not use it, you can choose to call, SMS, or use an email key instead. To do this, you must provide Google with your mobile phone number.
- After you have answered Google’s request and entered the verification code, you will be asked if you want to enable two-factor authentication. Click the blue ON button and it will launch.
If you scroll down the page now, you will see two sections – backup codes and the Authenticator app. These are the next two sections that need to be configured.
- Click Backup Codes and a small window with ten codes will open. Obviously I’m blurring some of my codes so you can’t see and use them! Download the list and keep it in a very safe place. If you lose your phone, these backup codes are your only way into your account.
- Now go to the Authenticator app section. First, you will be asked what your phone number is.
- You will be prompted to sign in again. Once you have done this, a QR code will appear at the top of the screen.
- Now open the Authenticator app on your phone. At the top right, you will see a plus sign. Click on this.
- At the bottom of the Authenticator screen, you will see two options – Scan barcode and Enter manually. Select Scan Barcode.
- Point your phone screen at the QR code and it will immediately beep. The 2FA number will appear on the screen of your authenticator.
- You need to enter this number in the Authenticator section of your Google account. Once you’ve done this, two-factor authentication is set up. From now on, every time you log into your Google account, you will be prompted for a 2FA code, but you can whitelist “trusted devices†such as your private home computer.
As you can see, two-factor authentication is not rocket science, especially with the Google Authenticator app. It is enough to dig a little in the settings and customize the phone a little.
–