Instead of typing your password each time you sign in to your Google Account, you can have a prompt sent to your phone.
Security is important, but constantly having to type your password and enter your 2FA (you know, those codes that change every 30 mins) code can be tedious. You already have 2FA enabled I’m sure, but what about this new feature released by Google today? How does this work? Is it secure? How do you enable it?
How does it work?
You simply tap the notification on your phone from Google to confirm, and you’ll be signed in quickly and securely. If your phone isn’t nearby, you can select “Use your password instead” on the sign-in screen.
Is it secure?
Yes. It’s a second factor authentication. Google knows if you are logged in using your phone, and this only works with phones that have either a passcode or fingerprint lock enabled.
I want it, how do I make it happen?
Simply follow the steps in the Google guide: Sign in with your phone instead of a password You will need to ensure you have the “Google Search” app installed, however most of you will already have that installed on your Android or iPhone.
Another simple guide from Google is here: New settings for 2-Step Verification
It is a secure two factor authentication process
Do it! Let us know how you go or if you have any questions.
Sounds geeky, but this is serious. If you have not heard about 2 FA or two factor authentication it means you are not yet using it. Are you using a password manager yet? As well as a password manager you need to be using 2FA on any websites that offer it. Especially your main Google/Yahoo/Facebook should have 2FA enabled for your own protection.
So what is 2FA and how does it work to protect you?
When logging in to an account with 2FA enabled you need a password and a one off code that is sent to you via SMS or generated by an app you have. It’s something you know (your password) plus something you have (your device that receives the SMS or generates the code). If someone was able to login to your email account, for example, imagine the damage they could do. They can probably even reset your banking login and empty your bank account. Enabling 2 factor authentication means even if your password was stolen from another site you use it on, a malicious user will still not able to login to your account. Not just a handy feature, an essential feature you should enable. Google have a nice page that explains more here: 2 Step authentication – how it works and 2 Step authentication – why you need it
How hard is it to enable?
It’s very simple. Just select the 2FA or 2 step authentication option in your account settings. If you are not sure where to find this option, please let us know in the comments below and we will help you out. Once enabled, you will have taken a big step forward to ensure that you are protecting access to your online information, including your banking details.
What about an app to manage all your 2FA codes?
While many 2FA codes are sent out via SMS, you can usually select to receive your codes via an app. Authy is our pick. It makes managing all your 2FA codes even on multiple devices simple. Another option is Google Authenticator.
Oh, and LastPass (password manager) allows you to use 2FA as well, offering you that extra layer of protection your many passwords need. Have a look at how simply their own 2FA (authenticator app) works, see: lastpass.com/auth/. We have an article on Lastpass that you should also read, see: Overwhelmed with passwords?
So, in summary, please use a password manager and enable 2FA on any sites that offer it. 2FA is easy to use now, and makes it highly unlikely someone will be able to login to your accounts if enabled.
Please leave a question or comment, we’re happy to help you improve your security.