Google offers just so many services that I can’t list them all but some of the most popular include its email service Gmail, Photo, Maps, YouTube, Photo, and a ton of other solutions available to professionals and business owners, and even individuals.
To access all of these services, you need just one Google account with which you can further oversee your business or personal presence on its search engine.
But one issue with this is the fact that you are using the same account – that is one user name, one email address and definitely one password across all of Google’s services including Adsense, Webmaster Tool, Analytics, YouTube Creators, Google Ads, and other professional services.
While that in itself is a bad idea considering the fact that internet security experts often warn against the use of one password across multiple services.
There are two ways to go about it. The manual way is by constantly changing your Google Account password every now and then or creating a plethora of accounts to work with individual services you want to use or just do it the Google way – Two-Factor Authentication.
So in this short guide, we’ll explore a number of important things that you should know about Google Account and the Two-factor Authentication popular known as 2SV or 2-step verifications.
So without any further ado, let’s get started.
What is 2-step verification?
In order to log in to Google or any site for that matter, you need a number of combinations which often include your username or email address and then your password.
When those combinations are correct, the system opens its door for you to access your profile but if not, you’re required to provide the correct combination.
Now with a 2SV, there is an extra layer of authentication to further verify that it’s really you who’s making the request considering the fact that the system has no way of actually knowing if you’re truly the owner of the account or you hijacked it from someone else.
So with that, the user journey starts with the combination of username or email address and then the correct password, and then the 2SV authentication prompt which will then lead to a successful login.
The 2-steps verification ensures that even if your account has been hijacked by hackers, they cannot log in to your account without your full consent which is the last step of the verification that often requires you to click a prompt on your smartphone when asked “We noticed a login attempt on your account from XYZ location. Is this you?”
Or the common way is an auto-generated four digit numbers on the account login page which will be required to be clicked on your smartphone in order to confirm your consent.
It’s a quite tough security measure that has helped a lot of people and there is in fact a new report that Google will automatically enroll over 150 million users to its 2SV system due to security reasons before the end of the year.
Below is how to set up Google 2-step verification on your Account.
Turn on 2-step verification for your Google account
The first thing to do is visit myaccount.google.com using your smartphone’s browser such as Chrome or Safari browser and then do the following.
- Scroll down to the left on Home > Personal Information and click on Security;
- Next, scroll down and click on the 2-step Verification link;
- Click on “Get Started” and then enter your Google account password when requested.
- Next thing is to enter your phone number and pick how you’d like to receive the codes.
- Enter the code on the subsequent screen and then click on NEXT.
- From here, click on TURN ON.
After you’ve turned on the 2SV system for your account, you’ll still need to pick other verification methods such as Google prompts and Backup codes which can be used in place of SMS.
And that’s it. You’ve now successfully turned on two-step verification for your Google account and that will protect your account from account hijackers and you’ll be required to use it whenever you want to log in to your account on a new device or in a new location.
How to verify it’s you while logging in to your Google account
The next time Google notices that someone tries to log in into your account from a new device (assuming it’s you, Google has no way of knowing that it’s really you unless it asks you to verify it’s really you.) you’ll get an asynchronous popup on the login page and on your smartphone asking you if the four-letter code on the screen is the same as the one on your smartphone.
With that, you’ll have to just click on the number you see on the browser on your phone and Google will authenticate that it’s really you.
Unless in an extreme case where someone literally stole your phone and made that confirmation themselves, your account is obviously safe especially as smartphones often require passwords which will even be hard for the hacker to break into.
1. Verify using code received via text message or call
Google will send a code via SMS or call the registered mobile number. Enter this code to log in successfully.
Using SMS for verification isn’t the most reliable way and could take longer to arrive since it often depends on your local carrier to function well and if there is a network outage or slow SMS operation, you may never receive the OTP on time.
That is why the use of instant verification is usually the best since it relies solely on your internet connection and you only need to click a number not entering the number into an input field.
2. Use Google prompts in the Google or Gmail app on your phone
After you’ve turned on 2-setup authentication for your Google account, next is to scroll down and click on Add phone > Get Started > Next from where you can authenticate your Google password.
You’ll then get a prompt on your phone either via the Google mobile app or via Gmail. Just click on the Yes button to confirm.
In order for this to work, you need to have been signed in to your Google account via the Gmail app or the Google mobile app which is often automatic if you’re using an Android device and you logged in to your Google account while setting up your smartphone.
3. Use physical security keys for verification
If you have a security key that works via Bluetooth or Lightning port, tap ADD SECURITY KEY and proceed after enabling 2-step verification. If you have a security key with a regular USB, sign in to your Google account on a computer and set it up from there.
Depending on which security key you have, you will have to plug it into the device or connect via Bluetooth. Next, authenticate via the button or touch to complete the 2FA sign-in.
4. Use your backup code to sign in
There is another authentication method that involves the usage of a backup code that can be used to sign in to your Google Account if everything goes wrong.
All you have to do is generate the backup code after you’ve turned on TFA, simply scroll down to Backup codes on your Google account settings page and click on Set up.
The system will generate ten codes that can be printed or downloaded. You can also take a screenshot of this but the most important thing is to keep it safe and hidden for your own sole usage.
The code can be used later on to log in to your Google account by merely entering any of the numbers when required to authenticate your account’s ownership.
Or use the Google Authenticator App
The Google Authenticator is another secure way of ensuring the safety of your Google account.
It functions by generating a set of random codes that can be used for future verification of your account in case everything goes wrong.
To use Google Authenticator, follow the below steps.
- First thing is to download the Google’s Authenticator application from either App store or Google Play store;
- The next thing to do is click on the Set up button and pick your smartphone;
- Then you get a QR code which can be set up via your computer or tablet via the authenticator app on your smartphone. (If you have difficulties scanning the QR code, you can simply click on “Can’t scan it?” link.)
- Then copy the long code you see and then;
- Open Google Authenticator app and click on “Enter a setup key”
- Enter your Google email address in the account field and the long set up key code in the “Key” field and then click on the Add button.
- After that, click “Next” so that the authenticator can generate a 6-digit code that can be pasted on the Google account page on your browser before clicking on the “Verify” button to successfully enable the authenticator app.
How to add trusted devices in order to skip Google 2SV
It’s also possible for you to skip the 2SV for trusted devices by just checking on the “Don’t ask again on this computer” box.
This will be a good idea if the computer or smartphone is yours rather than a public one which can allow anonymous individual access to your Google account.
And it’s very possible for you to revoke access to the trusted devices in situations whereby you’ve transferred your device’s ownership to someone else. You obviously don’t want them to use the device to access your Google account which is why the “Revoke All” devices feature is available on your Google Account.
To access this, from within your Google Account, just head over to the security tab and then click on the “Revoke All” link which will remove all trusted devices from your account.
Hate Google 2SV? Here’s how to turn it off
And if you’re not a fan of 2-factor authentication, you can turn it off even though it’s not advisable to do so unless you know what you’re really doing.
- From your Google Account page, visit the Security Tab;
- Click on the 2-Step Verification link.
- From the next screen, click on TURN OFF.
Definition of terms: By 2SV I mean Two-Step Verification. Also, Two-Factor Verification (TFV) and Two-Factor Authentication (2FA, TFA) means the same thing just in different words.