Secure Your Life with Google Authenticator

Your Google account pretty much contains your entire life; you rely on Google services to hold your photos, documents, contacts, calendars, emails, and so much more. In fact, your Google email account also holds the keys to almost every site you register with.

By having access to your Gmail account, an attacker could request a password reset for services like Skype, Facebook, and more. All of these extremely important services are protected by a simple combination of eight letters, numbers, and symbols. If you’re concerned about your Google account security, then you will certainly want to know about Google Authenticator for the iPhone.

What Is Google Authenticator?

Google Authenticator is part of a security measure called two-factor authentication. Rather than your entire account depending on a password to log in, Google now allows you to add an additional layer of security to your account. When enabled, Google will require that you open the Google Authenticator application and enter the randomly generated code into the login page.

Extremely security-conscious users may even opt for the randomly generated code to expire within 30 seconds, greatly reducing the chance that someone will see the code and be able to log into the account in time. With Google Authenticator, you still use the same password as before to sign in to Google services. The difference is that now, in addition to the password sign-in screen, you will be required to enter the unique code from the Google Authenticator app. This prevents someone from remotely gaining access to your account by guessing your password.

Google Authenticator login page which prompts you for the passcode

Two-factor Authentication

Whether you’re a multi-billion dollar corporation or simply a concerned Internet user, security is extremely important. Single-factor authentication (using just a password to log in) has several weaknesses that jeopardize your account security. First, many users create passwords which are considered ‘weak’ or easily cracked by an automated password-guessing system. Passwords like ‘password’, ‘pass1234’, or ‘letmein’ are usually the first passwords attackers try.

Many people don’t want to remember long or complex passwords, often opting to use pets’ names or details from their own lives. Another weakness in single-factor authentication is the duplication of passwords. Even with the most secure password, you are still at risk if you reuse this password on multiple services. Take the Gawker Media database hack, for example; thousands of users had their passwords exposed when the company’s servers were compromised. If any of these users reused their passwords, their other accounts could have been at risk of compromise as well.

Two-factor authentication seeks to solve this issue by adding a second layer of security. One of the most popular methods of two-factor authentication is the RSA SecurID. These flash-drive-like devices generate a random unique code that the user will input when logging into a specific web service. This code is in addition to a username and password. This solves the issue of compromised passwords because it requires the attacker to have physical access to the SecurID device, which is unique for each user.

How Google Authenticator Works

Google Authenticator for iOS lets you secure your account by using the iPhone app

Google Authenticator works in a similar way to the RSA SecurID. The app generates a unique code based upon several secure algorithms. As the app generates a new code, Google’s servers simultaneously generate the same code. During the 30-second window for which the code is valid, you can enter it when you’re logging into your account.

Google will check to make sure the code matches up with the code generated on the server, and decide if you should be logged in or not. This prevents a remote attacker from guessing your password and potentially having access to almost all of your personal information; they would need access to your phone in addition to your password.

Google also provides a few backup options in case you lose or misplace your phone. Google will provide you with a few “one-time use” codes that you could keep for emergencies. I would recommend keeping these in a secure place. Google can also be set up to call your phone with a unique code to log in.

Conclusion

Google Authenticator is a great tool for those worried about their account security. By enabling 2-step authentication, you can protect all those precious memories, important documents, and sensitive emails from ever ending up in the wrong hands. While it may sound tedious at first, I’m able to unlock my phone and get a unique code within ten or fifteen seconds. Also, Google offers the ability to remember your computer for up to 30 days. This means you wouldn’t need to re-enter the unique code during those 30 days.

I would highly recommend Google Authenticator to any business using Google Apps or any security-conscious Gmail user who is worried about the overall security of their accounts. For more information, check out Google’s help center article on setting up 2-step verification.


Summary

Google Authenticator lets you add an additional layer of security to your Google account.

9
  • Leonick

    Nice, I loved when Blizzard started doing this for their games. I’m not using a whole lot of Google services though, Gmail is inferior to Yahoo, Google Docs is inferior to a proper office suite which I have in my Dropbox and somon…

    Also, as said, nice of them to offer this but wow that is an ugly app…

  • Alrick

    Nice thing.

    How about email clients like Sparrow? Would they support that?

    • http://shalom.craimer.org Shalom Craimer

      For applications, such as e-mail clients, Google provides “App Specific Passwords” (at https://accounts.google.com/b/0/IssuedAuthSubTokens?hl=en). You generate a password, once, and paste it into your client. That password can be revoked whenever you feel like it.

      The only place it’s saved is on your computer, and it cannot be used to log into your Google account.

  • http://henrik.schack.dk Henrik Schack

    You can also use the Google Authenticator to secure your WordPress blog, I’ve written a plugin for that.

    http://wordpress.org/extend/plugins/google-authenticator/

    /Henrik Schack

  • http://www.tabletpcunion.com tablet

    This is an app that we all need. Account safety is very important.
