If you never had the misfortune of having your email account hacked, this may have happened to one of your contacts. Ultimately, without his knowledge, messages may have been sent from his own inbox either praising the virtues of a drug or demanding an urgent money transfer through Western Union. In order to avoid the misuse of your passwords and the resulting identity theft, Google has introduced a clever authentication system whereby all you need is a mobile phone.
How it works
To qualify for this advanced protection, you must have a mobile phone, be it a basic mobile phone or the latest smartphone. Then, to read your emails, you must provide the code transmitted to your phone in addition to your username and your usual password. Thus, it will be impossible for a hacker to access your data even if he has your password. If you lose your phone, Google provides a backup system. Either your validation code is sent to you on another number, or you can use one of the backup codes previously provided.Each backup codes can be used only once.
Unfortunately, some devices such as smartphones and tablets, as well as a number of services that communicate with Google, do not accept these validation codes and work only with the traditional binomial: username and password. This is also true for messaging software using IMAP / POP like Outlook Express or Thunderbird, chat software like Adium, but also tools within the Google ecosystem such as Google Talk, Picasa, Docs, Calendar, Blogger and so on.
By subscribing to the validation service which is a two step process, these applications will be temporarily blocked. To re-activate the service, you will have to generate a unique password for each of them and use them instead of your usual username and password. Without a doubt this is easy but it can turn out to be a bit daunting when you have multiple mobile devices and you happen to be a fan of social networks.
Even if the configuration of services may seem a bit long, do not overlook anything that pertains to your security online. This is particularly true if your Gmail account contains documents and important emails. This is after all the equivalent of a second lock on your door. Given existing threats on the Web, it would be a shame not to enjoy this protection tool which has been proven to be particularly effective.
Configure the validation process in two steps
In Gmail, click on your e-mail account and click Settings. In the Security section, go to validation in two steps and click Edit. Add the phone number that Google will send you the codes, telephone call or SMS.
Once received it, enter the code. Holders of an Android smartphone, BlackBerry or iOS, can visit their applications marketplace and install Google Authenticator. This free service can scan the bar code that appears on the page using the phone’s camera and it will give you immediate access.
If you are on a trusted computer, choose to store the code for thirty days. However if it is a public computer, clear the check box. You will be prompted for a new code each time you connect which will be sent automatically to your mobile number. Finalize the configuration of the phone by clicking Enable validation in two steps.
The warning “Google has detected that you need to create passwords for specific applications” may appear. Do not worry about it for now and dedicate yourself more to the establishment of backup options to access your account if you misplace your mobile. For this, we must add a secondary phone number (landline or that of someone you trust), but also generate relief codes. These ten codes should be printed and kept carefully in a readily accessible location, eg your wallet. Each of them can connect once to the account and they never expire!.
Go once again to the settings in Gmail. This time, in the Security option, go to Authorizing applications & sites, then click Edit. Since it will be necessary to repeat the operation for each of your applications and services connected, consider taking down some guidance notes for you here. For example remember to add Gmail on your iPad, Google Talk on your Samsung or putting Outlook on your computer at home. Then click on Generate Password.
Copy it – with or without spaces – instead of the usual username and password. You do not have to memorize it since you will have to do this only once. If one day you want to reuse your passwords as usual, simply return to this page and click Cancel.