# Google 2-step Verification



## Semper Fidelis (Sep 5, 2011)

http://www.google.com/accounts

Recommend turning 2-step verification on.

I was at Kings Dominion a week and a half ago and received a call from a friend. Both he and his wife's Google accounts had been hacked. The passwords were relatively weak.

The incident raised my own concern about the security of some of my critical accounts even though I use very strong and unique passwords.

I poked around the settings and found the 2-step verification. In a nutshell, when I logn in to my Google account from a new computer after I successfully enter username/password, Google texts me a code in order to complete the log in process. If I don't have my cell phone with me, I have a set of backup codes I can choose from. Finally, my tertiary method is a home phone call.

Anyhow, check it out. I've enabled it for all the Google Apps accounts I administer. The one drawback is the need to generate one-time passwords for Ipad and Iphone apps but that's a small annoyance.


----------



## NaphtaliPress (Sep 5, 2011)

It says MS Outlook won't work with the 2 step; does that mean I cannot check my gmail from Outlook?


----------



## fredtgreco (Sep 5, 2011)

NaphtaliPress said:


> It says MS Outlook won't work with the 2 step; does that mean I cannot check my gmail from Outlook?


 I have that same question.


----------



## VictorBravo (Sep 5, 2011)

fredtgreco said:


> NaphtaliPress said:
> 
> 
> > It says MS Outlook won't work with the 2 step; does that mean I cannot check my gmail from Outlook?
> ...



I was trying to set this up a couple weeks ago and ran into this glitch. It seems you need to set up an "Application Specific Password." I haven't gotten that far yet, but I think this article points the way:

Set Up Outlook for Google Apps Mail with 2-Step Verification


----------



## NaphtaliPress (Sep 5, 2011)

How do I set up 2 step? It wasn't clear to me from the link Rich gave. It doesn't have a turn on/off 2 step far as I could see.


----------



## Covenant Joel (Sep 5, 2011)

NaphtaliPress said:


> How do I set up 2 step? It wasn't clear to me from the link Rich gave. It doesn't have a turn on/off 2 step far as I could see.



It should be right under Personal Settings-->Security. It will take you to another page where you have to hit "Start" or "Set Up" or something on the right. Then it guides you through it, including the setting up of other programs like Outlook.


----------



## NaphtaliPress (Sep 5, 2011)

Still don't see it; but I see from "help" that this is really for if you have a mobile phone. Do I have to use the phone for primary means of contact?


----------



## NaphtaliPress (Sep 5, 2011)

They actually want two cell phone numbers where you receive verification texts.


----------



## Covenant Joel (Sep 5, 2011)

NaphtaliPress said:


> Still don't see it; but I see from "help" that this is really for if you have a mobile phone. Do I have to use the phone for primary means of contact?



You can use a landline, I believe, as you can select a text message or a phone call for the verification code. I think the 2nd phone number is optional.

Are you using regular Gmail or a Google Apps account? I saw it right on gmail, but though I haven't really looked hard yet, I didn't see it in the same spot on my Google Apps account.


----------



## NaphtaliPress (Sep 5, 2011)

I'm not sure; how can I tell?


Covenant Joel said:


> Are you using regular Gmail or a Google Apps account?


----------



## Covenant Joel (Sep 5, 2011)

NaphtaliPress said:


> I'm not sure; how can I tell?



Is your email address @gmail.com?


----------



## NaphtaliPress (Sep 5, 2011)

No; they all have @domainname. I have a half dozen or so for 3 website domains.


Covenant Joel said:


> Is your email address @gmail.com?


----------



## Covenant Joel (Sep 5, 2011)

NaphtaliPress said:


> No; they all have @domainname. I have a half dozen or so for 3 website domains.
> 
> 
> Covenant Joel said:
> ...



Ok, just figured it out:

Go to google.com/a/yourdomain, then click on advanced tools. Below you will see "Allow 2 step verification for your users." Then the box should appear for your email addresses on Rich's link. Screenshot below.

View attachment 2297


----------



## Semper Fidelis (Sep 5, 2011)

VictorBravo said:


> fredtgreco said:
> 
> 
> > NaphtaliPress said:
> ...



That's correct. You set up an application-specific password in order to use POP or IMAP access.



NaphtaliPress said:


> No; they all have @domainname. I have a half dozen or so for 3 website domains.
> 
> 
> Covenant Joel said:
> ...


Chris,

I just realized I need to enable this feature on your domains. You have Google Apps. I'll fix it right now.


----------



## Semper Fidelis (Sep 5, 2011)

VictorBravo said:


> fredtgreco said:
> 
> 
> > NaphtaliPress said:
> ...



That's correct. You set up an application-specific password in order to use POP or IMAP access.



NaphtaliPress said:


> No; they all have @domainname. I have a half dozen or so for 3 website domains.
> 
> 
> Covenant Joel said:
> ...


Chris,

I just realized I need to enable this feature on your domains. You have Google Apps. I'll fix it right now.


----------



## NaphtaliPress (Sep 5, 2011)

Thanks Rich; I was not finding it.


----------



## Semper Fidelis (Sep 5, 2011)

BTW, you don't need two cellphones. The tertiary means allows you to specify your landline and have it send you a voice message if the first two methods fail. I use Lastpass so I'll always have the second meands handy in a Secure Note.


----------



## 3dawgnight (Sep 8, 2011)

There's also an Android app that provides your access code. It's like those rolling access codes that some businesses use (hardware key that rolls the access code every 30 seconds or so). The app is called "Google Authenticator."


----------

