Protect your accounts with Google 2-Step Verification



by | August 10, 2012       << Back to Blog    

Join the Conversation on Facebook!

Click to enlarge

One would think that a simple username and password is sufficient to lock unauthorized people from accessing your accounts.  However, have you ever wondered how safe are the websites and services that use your login information? Have you ever wondered how 'safe' are the actual companies behind those websites and services?  All companies have their own security measures and policies in place to prevent hackers and safeguard information, however although there seems to be similarities in their security measures, there is no single standard that every website follows. 

As you may know, if you forget your login information on any website there is always some sort of password recovery page where you can reset your password and allow you to gain access to your account again.  The issue is that there are infinite ways a company can choose to verify if you are the actual account owner and grant you access.  One company's verification method can use information that supposedly only 'you' should know, like for example 'The city where you were born'.  Obviously that is really no secret to someone who really wants to find out (i.e. a hacker).

This is of course an oversimplified explanation of the problem.  The truth is that bits and pieces of your information is scattered in many systems.  One piece of information on one website may be the piece of information needed on another website to get passed their security.  I am oversimplifying things here and it may take many examples for you to visualize the problem.  Take a look at how Wired's Mat Honan got hacked and lost his valuable data.

To help make your account more secure, Google has added an extra layer of security with 2-Step Verification.  The basic idea is that anytime you login to any Google service (Gmail, Docs, etc.), you also need to provide a random PIN which Google sends to 'your' mobile phone via text message or phone call.  If someone gets your login information and tries to login to your Gmail account, they will be prompted for a PIN.  Without the PIN they will not be able to gain access.  More information on Google 2-Step Verification can be found on this video.

Learn from other's that have been hacked and don't be a victim. At the very least change your passwords often, make them 'complex' and try not to use the same passwords for every service you use. 



About Fernando Sosa
Fernando Sosa is a technology consultant, project management professional, and software developer who helps small businesses and nonprofit organizations make the most of their information technology resources.


Comments: