How to Set Up Two-Factor Authentication on Your Account

BY GreenBot Staff

Published 21 Jun 2016

Updated 06/21/16: Included more accurate images and information about Google’s new on-phone prompt. You don’t have to possess a stash of nude selfies. In your account to know it’s time to take precautions against getting hacked. Two-factor authentication, also called two-step verification, is one of the best weapons against digital thieves. Fortunately, it is relatively easy to set up for your account. Providing an extra layer of security to guard against unwanted access to your stuff.

How It All Works

Every time you sign in to your account, it will require your password. You are using a password manager. But a six-digit code is generated through a text message, the Authenticator app, or approval from the prompt. This way, if someone were to hack your password. They will not gain full account access unless they had your phone.

Don’t let a masked, unshaved criminal into your account.

If they have your password and phone, you’re probably in greater danger than exposing your email. Sometimes, it will be a pain in the neck to type in the code. When you want to quickly access some information. But as an Android user, your account is the central hub of your digital life. Gmail, photos, contacts, work files and Play purchases reside there. Compromising all that data would wreak serious havoc.

Start in your browser

To get going, head to Google’s My Account page, then Sign-in & Security > Signing into > 2-Step verification. You’ll be able to choose among three steps; prompt, authenticator app, or SMS. From the prompt, the app will let you select from any phones you have connected to your account.


Use any phone connected to your account. If some type of screen lock like fingerprint or PIN is enabled.

After adding a phone, you’ll need to authenticate it once. This will give you a preview of how it works. You’ll get a push alert replicated to Android Wear to approve your requested entry to your account. Approve this request, then you’re in.

Approve the sign-in request then you’re off to the races.

Authentication

Another reliable method is the Authenticator app. This generates a random code that routinely changes so no one else can steal or guess it. Enter the password, enter the code, and then be granted entry to your account.

Authenticator spits out codes to let you into your account.

There’s also an Android Wear app, so you can grab a code straight from your watch. Google makes the Authenticator app for iOS and Android. Some third-party services, like Evernote and Snapchat. Allow you to generate a different code for entry specifically to their apps. When you sign in for the first time. Finally, there’s the SMS method. Google will send a code via text message to your smartphone, then you’ll enter that when prompted. Select a phone number to receive text messages or voice codes when you want to sign in to your account. Select the prompt for 2-Step Verification, then choose a phone number to receive text codes. It will be the default suggestion if you have already connected a number to your account. Otherwise, you may add another number.

Add the phone number you want to receive SMS backup codes with.

Then choose to receive the codes as SMS unless you want to take an automated phone call. The first six-digit verification code will then arrive on your phone. Enter that number on the screen. You are asked to trust this computer. If this is your primary machine, select yes. So you don’t have to go through the two-step process every time you access a service. However, skip this step if you swap around the machine or don’t trust your roommate.

Print Off Backup Codes

As another safeguard. Google will create a list of one-time codes you can use in case you are without your phone. Go into your account settings and click the print or Download button. It then generates a list of ten different eight-digit codes in a small rectangle. And can be printed off and saved in a wallet. Print off backup codes in your wallet or save them as a text file. You can also download them to a text file. Keep it somewhere you can easily access it. If you’re locked out of the account.

App Specific Passwords

You may need to create a one-time password if you connect your account to a non-Android device. Not all services support two-factor authentication. So it generates a one-time-only password to grant access to your account from apps like email or calendar on iOS.

Get app specific passwords for other platforms.

In your account settings, select app passwords, then choose the app platform from the drop-down menus. Customize the app if a third-party app isn’t listed.
If you sell a device or no longer use these services. Head back into your security settings and revoke access to those applications. These steps are well worth it, whatever short-term inconvenience they may cause. Password security breaches are almost daily, so fire up that two-factor authentication to ensure you don’t become the next victim.