What is 2-Step Verification?
What is 2-Step Verification?
2-Step Verification, also known as Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA), adds an extra layer of security to your account, to make sure the people accessing an account are who they say they are. After setting up 2FA, a user will sign into their account in two steps, using the following information...
Something you know...your password.
Something you have...a code or prompt on a device.
With 2FA enabled, compromising one of these factors won't allow a malicious user to gain access to an account. Even if your password is stolen, or your phone is lost, there is a low probability of someone having both authentication factors, and being able to access your account.
Why use 2-Step Verification?
Passwords have been the main form of authentication since...well, forever. But passwords are far from perfect. While changing your password periodically, and using a strong password/passphrase is a good start for protecting your account, research shows some interesting (and worrying) facts about passwords...
- Humans have lousy memories...therefore we choose simple, memorable passwords. Unfortunately, this means 90% of passwords can be cracked in less than six hours.
- As we create more and more online accounts...for banking, email, shopping, entertainment, etc...people find they have too many passwords to remember, so they get into the dangerous habit of password recycling. Studies show 2-in-3 people use the same password everywhere, or across multiple sites. Malicious users love this trend, as it is extremely likely that a compromised username and password will unlock other more lucrative accounts, like banking, shopping, email, etc.
- Sophisticated cyber attacks have the computing power to test billions of passwords per second.
- Social engineering and phishing emails are becoming more sophisticated and effective at maliciously stealing passwords.
2-Step Verification can solve these issues by adding an extra layer of security to your account. So even if your password (the "something you know" part) is stolen, your account cannot be easily compromised by malicious users without a two-factor code or prompt (the "something you have" part).
Enabling 2-Step Verification (2FA)
Enabling 2-Step Verification on your Google account is easy, and will protect your account, as well as any services tied to Google for authentication. Follow the instructions below to enable 2-Step Verification on your Google account, using your preferred method.
Follow these directions to receive a 2-step verification code via text or voice message.
Follow these directions to receive a 2-step verification prompt via the Google or Gmail app on your mobile device.
With 2-step verification via text/voice messages or Google/Gmail app prompts enabled, follow these directions to enable emergency one-time use backup codes for 2-step verification. In the event your mobile device is ever lost or stolen, these one-time use codes will allow you to be able to access your account.