How Do I Stop Hackers from Hacking My Google Accounts?

Posted October 23, 2014 by Walker Rowe in Android

android_vector

If everyone used-two factor authentication, hackers would have to find honest work.  They would not have been able to download Jennifer’s Lawrence’s nude photos from the Apple iCloud, because to login they would have needed to physically have Jennifer’s cell phone in their possession.  All those emails and passwords stolen from JP Morgan, Target, Best Buy, LinkedIn, and eBay would be worthless, since without the token generated by the authenticator, the hackers cannot login.

The Google Authenticator generates a code on your cell phone that you can use to login to web pages protected by two-factor authentication (also known as 2-step verification).

Facebook has a code generator and Twitter uses text messages for two-factor authentication (Twitter does not call all wireless carriers in all countries.).  Gmail, WordPress, and the Microsoft SkyDrive all will work with the Google Authenticator or cell phone text messages.  There are other devices, like the RSA token or Cryptocard,  popular with banks.  They all use the same one-time protocol that generates a code based on an algorithm and the current time.  It works even when your cell phone has the wrong time.

1. First, install the Google Authenticator from Google Play. As a security measure, you can only install this on one device. Install it on your phone, as you will not always have your tablet with you.

2. Log into Google+, Gmail, or Google Docs and click on the icon where you picture or avatar is located at the top right of the screen.  Click Account>Security>Two-step Verification.

 

google authenticator

 

3. Fill in the screen below. You need to print off and save the Backup Codes in case someone steals your phone or you lose it. If you are hosting your own domain, you could, of course, recover a lost password by logging into your Google domain as the administrator and changing your password that way.  But if not, the backup codes are the only way you can log back in without contacting Google, which could take a while.

two step authentication

 

4. Now when you login to any Google application, the screen will ask you to enter the code generated by the authenticator.  Open the Authenticator app and enter the code shown there.  It will change after a few seconds, so if you wait too long, enter the new code that appears. If you login to a different computer or with a different browser, the web page will ask you to login again. Mark the check box if you do not want to enter the code again for 30 days.

 

 

 

 

About Walker Rowe

Walker Rowe writes a blog about living in rural Chile called 'The Avocado Republic.'
View more articles by Walker Rowe

The Conversation

Follow the reactions below and share your own thoughts.