Sign in with
Sign up | Sign in

Advanced Sign-in Security for Your Google Account

By - Source: Tom's Hardware US | B 20 comments

Google has announced increased security measures designed to protect users’ Google accounts.

A few months back, Google started testing out a Google Apps feature called 2-step verification. 2-step verification is an opt-in setting that offers added protection for those who aren’t satisfied that a password alone will protect their Google account.



Similar to the way your online banking requires more than one password or code to be entered before you have access to your account, 2-step verification will require those who opt-in to employ a second password in the form of a code that you can either receive from Google (via phone or SMS) or generate yourself on your Android, BlackBerry, or iPhone smartphone. This means that to gain access to your account, a hacker would need both your password and your cell phone to get in. There’ll also be the ability to ‘remember verification for 30 days’ which will mean you won’t have to do the verification-code-phone-dance for a month.

Google is in the process of rolling out this feature so keep an eye out for the 2-step verification link in your account settings.

Discuss
Display all 20 comments.
This thread is closed for comments
  • 4 Hide
    Darkk , February 12, 2011 2:49 AM
    This isn't a bad idea. However, it makes more sense to me to have google send me a alert text when something has been changed on my account. Something most banks do now.

  • 0 Hide
    JOSHSKORN , February 12, 2011 3:55 AM
    What would make more sense to do is for Google to keep track of what computers/devices you sign on from and if the device is allowed to access your account. Also, if you have to login to your account from a different device (or public machine), have an option for "Allow other devices to sign into this account". Is Google allowed to connect information about a computer such as MAC address or Windows key?
  • 0 Hide
    squallypie , February 12, 2011 3:58 AM
    This would probably improve the feeling of safety for the users of Google Chrome OS, since the whole OS is dependent on online stuff, mainly google's services.
  • 0 Hide
    lancelot123 , February 12, 2011 4:07 AM
    I've always thought that Blizzard's Authenticator idea would expand into other areas. Should have been done sooner, it is such a good idea, especially for banks.
  • 0 Hide
    Nakal , February 12, 2011 4:18 AM
    Not like it is Blizzards Idea, we have been using the securID platform for our VPN for well over a decade where i work.
  • 0 Hide
    nebun , February 12, 2011 5:59 AM
    they should implement special characters, upper case, and lower case letters...just like the military...also ask the use to change the password every 30 days or maybe 60 days
  • 0 Hide
    alyoshka , February 12, 2011 6:16 AM
    another pain............ and the bots are still going to be at it....
  • 1 Hide
    randomizer , February 12, 2011 7:52 AM
    They've had this for a while now when creating new Gmail accounts. I need Gmail accounts for work, so it was very annoying when for 2 days the verification codes just never got sent to me no matter how many times I told it to resend them! It's not a bad idea but as soon as the system fails to work as it should it becomes nothing but a time waster. I'm waiting for the day when my Bank fails to send me a code when I need to make a payment ASAP...
  • 0 Hide
    Wish I Was Wealthy , February 12, 2011 8:52 AM
    I like the idea in one way,but then again not...You have to carry a mobile phone with you all the time or at least to get the verification code from google,but at least it will last for a month...I remember seeing some guy from New York on TV saying that you should not be on the internet banking computer for longer then 5 minutes or else there is a big risk of you getting hacked...He mentioned that he had two computers one for internet banking & the other just for surfing...
  • -1 Hide
    Wish I Was Wealthy , February 12, 2011 12:55 PM
    I have several bank accounts...In one of those bank accounts,I have to open up my browser to let in cookies...On the second bank account,I do not have to open up my browser to let cookies in at all...So I think on the second one they actually have two passwords kind of,but also I read something about where there is something inbuilt within the pages that you download onto your computer and your computer is read that way by viewing pages on the internet & so I guess that the second bank does not need you to open up your browser to let in cookies...
  • 0 Hide
    bv90andy , February 12, 2011 1:00 PM
    Yea, but what about the "forgotten password" feature, where if you have enough info on a person you can easily change their password. Like they did with sarah palin.
  • 0 Hide
    crikey2 , February 12, 2011 2:09 PM
    JOSHSKORNWhat would make more sense to do is for Google to keep track of what computers/devices you sign on from and if the device is allowed to access your account. Also, if you have to login to your account from a different device (or public machine), have an option for "Allow other devices to sign into this account". Is Google allowed to connect information about a computer such as MAC address or Windows key?


    Windows Live Ids for using hotmail have had this (and the secure two step login usin SMS text messages) since last summer.
  • 1 Hide
    The_Prophecy , February 12, 2011 6:36 PM
    I like this.... yes, it would be slightly more inconvenient, but for the sake of not having anyone get into my gmail account, I'm willing to put up with it.
  • 0 Hide
    velocityg4 , February 12, 2011 7:03 PM
    As long as it opt in that is fine. Otherwise I hope it does not break the IMAP functionality of Thunderbird or Exchange on the iPhone. I like to be able to handle multiple e-mail accounts at one time. Not to mention the quick drag and drop interface you get with an email client but not in browser based e-mail.

    If this ultimately breaks functionality of e-mail clients I will just pay GoDaddy the additional fee for IMAP functionality rather than aliasing through GMail.
  • -1 Hide
    joelmartinez , February 13, 2011 1:07 AM
    Hassle, it'll get hacked in a month
  • 0 Hide
    asdfghjkl , February 13, 2011 8:46 AM
    Google is trying out new methods of earning money, this time SMS.
  • -2 Hide
    ubercake , February 13, 2011 7:09 PM
    Anything like this is good for users as we become increasingly reliable on e-mail communications for conducting official business (ie Bill Paying) associated with our home e-mail accounts.
  • -1 Hide
    dogofwars , February 13, 2011 7:54 PM
    Palin is a joke, she put lipstick has her password. Sometime you can only blame yourself for security. You know she is pretty and have her follower but nobody is driving, in her speech she based them with buzzword that it make sense or not it does not matter for her. The morale of the story make a complicate password that is 15+ characters and it's secure enough and don't make your hint too obvious too.
  • 0 Hide
    sudeshc , February 14, 2011 7:53 AM
    even this wont win Chinese government, they will still hate google heheheheh
  • 0 Hide
    gm0n3y , February 14, 2011 4:42 PM
    I'll take ease and insecurity. Just keep a strong password and change it once in a while.