We all probably use at least one or two accounts to store a huge range of sensitive and personal data these days, from email to biometric and banking details. As such, securing these accounts should be a top priority. In addition to a strong password, one of the securest and increasingly common ways to protect your various accounts and devices is two factor authentication.
Today we’re going to go over exactly what two factor authentication is, what you’ll need to use it, and how to set it up on your Android device. Before we begin, you’ll need access to the devices you want to secure and a working mobile number that can receive text messages.
What is two factor authentication?
In a nutshell, two factor authentication adds a second step to the login process to boost security. This way, simply guessing or stealing your password isn’t enough to gain access to your account.
After entering your usual password, your device or app will require a second passcode. This passcode is delivered to a device you have designated via a text message or data service. Only by entering both codes successfully will you be able to gain access to the account, which keeps the bad guys out.
This makes your account more secure in a couple of different ways. First, the two factor authentication passcode will change every time it is used. This makes it virtually impossible to guess or hack, unlike a password that you probably seldom change.
Secondly, only the person with the verification device can gain access to the account. The fact that the passcode is delivered via a text message is also more secure than using an email address, as only one device can use the SIM card and number at a time. It’s also harder to hack into, or at least much harder than an email account.
Using two factor authentication to protect your Google account
The first place to start using two factor authentication might as well be your Google account. This way, new devices can’t sign into your email, access your Play Store account, or mess with your Photos or Drive files if your Google password ever becomes compromised.
There are a few options for Google’s 2-Step Verification system. You can opt to receive a text message or call to your master device, use Google prompts which is faster than entering a code, or use a security key device. The latter is the most secure and ensures that you won’t accidentally lose access if you change phone numbers. However, you will have to pay for the privilege of owning a compatible security key and it can be more hassle than a simple text.
For the following steps, we’re going to focus on how to setup Google’s 2-Step Verification on your Android smartphone using SMS. Here’s how to begin:
- Head to Settings > Google > Google Account
- Find the Security tab
- Click 2-Step Verification and login
- Update your recovery phone number and/or email in-case you need to recover your account
You should now be on the 2-Step Verification page. At the bottom, you’ll see a list of all the devices currently connected to your account. Here you can enable Google Prompt if you like, whereby a notification sent to your phone will act as the second stage of verification when logging into your account. This is just as secure as text, but SMS will follow you around if and when you move your SIM card to a new device.
Alternately click “Choose another option” to pick from a Security Key or using a text message or voice call. We’re choosing the latter. You’ll then be asked to enter your phone number. A code will be sent to that number which you’ll need to enter to continue. Finally, click “Turn On” to enable two factor authentication.
From now on, you’ll receive a verification code to use each time you set up your Google account on a new device. If you want to swap to the Key or Prompt method, or to disable 2-Step Verification, just head back into your Google Security settings and repeat the steps.
For more information about setting up Google’s 2-Step Verification on other devices, such as your PC, check out the official info from Google here.
Third party apps
Of course, Google isn’t the only company offering two factor authentication for its services. Most banking apps will offer this level of protection, some even mandate it. PayPal, for instance, also has this as an option, which I highly recommend you use to protect your money and bank details from any potential password leaks. There are also a bunch of other apps that work similarly to Google Authenticator. You can check out our favorites by clicking the link.
Even seemingly more innocuous services, such as messaging, offer account protection with this technology. Last year, WhatsApp introduced this security option under its Account settings to offer an extra layer of security when registering on a new phone. Facebook also offers two factor authentication, which can also ping you with alerts if someone else attempts to log into your account.
Yahoo has a particularly interesting two-factor authentication method. Almost all of its apps act as authentication apps for its other apps. It also works across platforms. Thus, if you sign in to Yahoo Mail on your computer, you can use the Yahoo Fantasy Sports app to authenticate the login. It’s a unique use for two-factor authentication.
Two factor authentication isn’t a replacement for a decent password, but it’s another layer of security that will help keep your important accounts extra secure.