What Is Two Step Verification?
Two Step verification can be a bit of a pain at times if you work from lots of different devices, but what it means is, that if someone were trying to hack into your account on a different computer from yours (as is usually the case, unless they have stolen your computer) you will get a message alterting you to the fact that someone is trying to log in from another location. The hacker can’t log in to your account even if they have your password, without the SMS or Mobile app verification code which is sent to your nominated phone number or mobile app on your mobile device. If they have stolen your mobile device or phone, you’re in trouble.
This also means that every time you log in from a different new device (phone, iPad, laptop, work PC etc..) you do have to go through a process where a code is sent to your phone, and then enter it into your Google account before you get access to your account. Once you have done it for each device you use, then you won’t have to do it again, unless you clear out your browser cookies, which I do from time to time, then you have to do it again.
Another Important Step!
The other thing with 2 Step verification is that you also need to verify your apps that log in with Google, like YouTube and Flip board and Google plus. You might find that on your phone for instance after you have enabled the 2 Step verification, when you try to log into your Phone YouTube app, it gives you an “incorrect password” message. You need to then go to your Google security settings (see below pic) through the browser on your PC or phone, if you have enabled it, and generate a one time random password for that app. Just follow the instructions in the security settings. Put in the name of the app you wish to enable, for example “YouTube for my phone”, and generate a one time random password, it will appear as a random string of numbers and letters, you need to put that in the place you would normally put your Google password in on your phone. You only have to do this once. Then after that time you can log in to that app on your phone with your usual Google password.
To enable 2 step password verification on Google to your security settings http://www.google.com/landing/2step/
Yahoo
To enable two step verification on Yahoo go Here: and sign into your profile, click on the settings cog wheel (top right) and select Account Info then scroll down to Sign-In and Security, and Set up your second sign-in verification. It’s a good idea to also update password reset info, with some strong security questions.
To further protect your online applications you should really enable 2 step verification on your Facebook Account also, just go into your Account Settings/security settings and enable Login Approvals on Facebook to do a similar type of thing.
On Twitter click the Settings Cog Wheel top right and click on “Security and privacy” in left side column. Click “Send login verification requests to” and enter your phone number, or have log in verification requests to your Twitter app on your phone. Ensure that “Require personal information to reset my password” is ticked in your profile settings.
Apple I.D
Go to https://appleid.apple.com – Manage ID
Remember use strong memorable passwords! And use a different password for every single log in!
Create a password with 8 or 9 digits, at least 2 upper case letters and 2 numerals or other symbol. I find the easiest ones to remember are 2 random words, put them together. An example might be CricketsPaddlepops77. Don’t use pet names, kids names or birthdates, use nothing that can be linked with you in any way. These types of passwords are apparently just as secure as “a;owepthaoern[094-938ykdjga” but obviously much more practical because you can memorise them, memorising them is just as important as the password, there is NO point storing your passwords on your desktop in a word doc……or having it on a piece of paper in your wallet…
Have you been hacked, have you been saved by using 2 Step Password Verification? Let us know in Comments
I use Two-Factor Authentication across a lot of my accounts. I feel a lot more secure when I can telesign into my account with an OTP. I am glad that is offered as an option for many sites, but not enough. It is worth the time and effort to have the confidence that your account won’t get hacked and your personal information isn’t up for grabs. It would be nice to see more of the leading companies in their respective verticals start giving their users the perfect balance between security and user experience. I know some will claim that 2FA makes things more complicated, but the slight inconvenience each time you log in is worth the confidence of knowing your info is secure. I’m hoping that more companies start to offer this awesome functionality. To me this should be a prerequisite to any system that wants to promote itself as being secure.
Pandora, thankyou for your reply, I do sometimes feel I’m the only paranoid/Careful one I know! Thankyou for endorsing this. But I bet you have read some horror stories as I have of folks getting hacked, and losing some really important access and information. Never think you are too small for it to happen to you! At least if you do some basic security, you have more chance to protect your content and accounts. You wouldn’t leave your doors open at night in a location where your likely to get robbed…but many people do that on computers, just assuming they are safe don’t they?
[…] Setup “Two Step Verification” on every cloud based service you use. This means that if anyone does try to break into your account, you will get notification that someone is doing it, and you will need to verify it is you trying to get into your account by providing a code that they will send you. Instructions on Two Step Verification Here: […]