If everyone used-two factor authentication, hackers would have to find honest work. They would not have been able to download Jennifer’s Lawrence’s nude photos from the Apple iCloud, because to login they would have needed to physically have Jennifer’s cell phone in their possession. All those emails and passwords stolen from JP Morgan, Target, Best Buy, LinkedIn, and eBay would be worthless, since without the token generated by the authenticator, the hackers cannot login.
The Google Authenticator generates a code on your cell phone that you can use to login to web pages protected by two-factor authentication (also known as 2-step verification).
Facebook has a code generator and Twitter uses text messages for two-factor authentication (Twitter does not call all wireless carriers in all countries.). Gmail, WordPress, and the Microsoft SkyDrive all will work with the Google Authenticator or cell phone text messages. There are other devices, like the RSA token or Cryptocard, popular with banks. They all use the same one-time protocol that generates a code based on an algorithm and the current time. It works even when your cell phone has the wrong time.
1. First, install the Google Authenticator from Google Play. As a security measure, you can only install this on one device. Install it on your phone, as you will not always have your tablet with you.
2. Log into Google+, Gmail, or Google Docs and click on the icon where you picture or avatar is located at the top right of the screen. Click Account>Security>Two-step Verification.
3. Fill in the screen below. You need to print off and save the Backup Codes in case someone steals your phone or you lose it. If you are hosting your own domain, you could, of course, recover a lost password by logging into your Google domain as the administrator and changing your password that way. But if not, the backup codes are the only way you can log back in without contacting Google, which could take a while.
4. Now when you login to any Google application, the screen will ask you to enter the code generated by the authenticator. Open the Authenticator app and enter the code shown there. It will change after a few seconds, so if you wait too long, enter the new code that appears. If you login to a different computer or with a different browser, the web page will ask you to login again. Mark the check box if you do not want to enter the code again for 30 days.
