12-Jun-2012   |     |   0

2 Step Authentication for Gmail

Let’s face it.  You use your email for everything from social media logins to your bank account.  More than anything else, your email is the key to your online identity.  If an unscrupulous hacker gains access to your email, they could cause havoc that can last for years.  Most users are unaware of the potential losses that can result from an email takeover,  your bank account could be stolen, and the assets drained.  Since most social media passwords can be reset through email, these hackers could also use your accounts on Facebook, Twitter and other social media sites to target your friends and family with phishing attacks.  They will also delete all of your saved email in order to frustrate attempts at tracking them.  Given the grievous nature of this threat, we here at COMPANYNAME encourage everyone to take steps to alleviate this threat.  Fortunately, Google has provided a simple method to protect your Gmail account from identity thieves.

First, let’s go into a quick review of information security.  There are three “factors of authentication” that a user can use to log into their account.  The first, something you know, should be familiar to everyone who has email.  This is what the the user knows. Usually taking the form of a password, but can also been seen in the form of security questions commonly seen on banking sites.  The second factor is something the user has. This factor has a variety of real-world implementations and can be commonly seen as a USB key, RSA dongle or a simple cell phone.  The final factor of authentication is something the user is.  These (are also known as biokeys) are things like thumbprints, iris scans, or in extreme cases, DNA.  The third factor can be costly to implement and might be a little overkill unless you are trying to hide the secret recipe for Coca-Cola.  However, Gmail has made it easy and inexpensive to use the first two to protect the key to your digital life.

The first step is to log into your Google account and browse to the settings page.  From there, click on Security.  You should see a setting for “Two-Factor authentication.”  Click Edit to turn this on.  You’ll need a cell phone for the next few steps that Google will throw at you.  Once you’ve got it all set up, log into your Gmail account, this time also entering the texted code at the next page.

This is all pretty nifty, but what if you don’t have a cell phone or text plan?  Google can still transmit your code through voice calls on a landline.  If you plan on traveling and still using your email, you can print off a set of one-time-use codes from the account security page.

You can also set “Application-Specific Passwords” that allow other applications (like Outlook and mobile email) to access your email.  Treat these and your regular passwords like your underwear: change them often, and don’t share with others.

A lot of people use Gmail for their personal email, but what about your business email? Contact COMPANYNAME at PHONENUMBER and talk to us about ways to secure your business and prevent crippling attacks from happening to your company.


Comments (0)