Skip to main content

Misconceptions of Google Two-factor Authentication Debunked

Last week former Gizmodo writer Mat Honan found his iCloud account compromised which the hackers used to reset his Gmail password. They then gained control of his Twitter account and used it to broadcast racist and homophobic messages. The hackers also remotely erased all of the data on his iPhone, iPad, and MacBook from his Apple account. “In the space of one hour, my entire digital life was destroyed”, says Mat Honan.

Like most people Honan had his accounts daisy-chained together. Getting into one account allowed the hackers to get into the others. “Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc.”

The email account is the most important of all accounts. When you lose control of your email you lose your online identity. But the consequences are usually deeper and often affect your life outside of the Internet. The hackers have access to every sensitive information that is important to you – your credit card numbers, bank account information, your social account, medical info and more.

It’s been a while Google added two-factor authentication ability to Google accounts but not many people are using it because they think it’s a big inconvenience. Sure, it’s a hassle to setup but the enhanced security you get, and not to mention the peace of mind, is worth it. Besides, once you’ve authorized all your devices using two-factor authentication you don’t have to enter the PIN every time you login. Only when you try to login using another machine that the SMS-PIN code becomes necessary.

Matt Cutts, in his recent blog post, answers some of the frequently asked questions and clears doubts people have regarding two-factor authentication.

Myth #1: But what if my cell phone doesn’t have SMS/signal, or I’m in a foreign country?
Reality: You can install a standalone app called Google Authenticator (it’s also available in the App Store), so your cell phone doesn’t need a signal.

Myth #2: Okay, but what about if my cell phone runs out of power, or my phone is stolen?
Reality: You can print out a small piece of paper with 10 one-time rescue codes and put that in your wallet. Use those one-time codes to log in even without your phone.

Myth #3: Don’t I have to fiddle with an extra PIN every time I log in?
Reality: You can tell Google to trust your computer for 30 days and sometimes even longer.

Myth #4: I heard two-factor authentication doesn’t work with POP and IMAP?
Reality: You can still use two-factor authentication even with POP and IMAP. You create a special “application-specific password” that your mail client can use instead of your regular password. You can revoke application-specific passwords at any time.

Myth #5: Okay, but what if I want to verify how secure Google Authenticator is?
Reality: Google Authenticator is free, open-source, and based on open standards.

Myth #6: So Google Authenticator is a free and open-source, but does anyone else use it?
Reality: Yes! You can use Google Authenticator to do two-factor authentication with LastPass, Amazon Web Services, Drupal, and DreamHost, or even use a YubiKey device.

Have you setup two-factor authentication on your Google account?

Comments

Popular posts from this blog

How to Record CPU and Memory Usage Over Time in Windows?

Whenever the computer is lagging or some application is taking too long to respond, we usually fire up task manager and look under the Performance tab or under Processes to check on processor utilization or the amount of free memory available. The task manager is ideal for real-time analysis of CPU and memory utilization. It even displays a short history of CPU utilization in the form of a graph. You get a small time-window, about 30 seconds or so, depending on how large the viewing area is.

How to Schedule Changes to Your Facebook Page Cover Photo

Facebook’s current layout, the so called Timeline, features a prominent, large cover photo that some people are using in a lot of different creative ways. Timeline is also available for Facebook Pages that people can use to promote their website or business or event. Although you can change the cover photo as often as you like, it’s meant to be static – something which you design and leave it for at least a few weeks or months like a redesigned website. However, there are times when you may want to change the cover photo frequently and periodically to match event dates or some special promotion that you are running or plan to run. So, here is how you can do that.

Diagram 101: Different Types of Diagrams and When To Use Them

Diagrams are a great way to visualize information and convey meaning. The problem is that there’s too many different types of diagrams, so it can be hard to know which ones you should use in any given situation. To help you out, we’ve created this diagram that lays out the 7 most common types of diagrams and when they’re best used: