If you want to save your digital assets, secure your email accounts through two step verification
August 19, 2012 | by techlineinfo.com
Mat Honan-an- American journalist has lost control of his email accounts and saw the contents of his computer phone wiped off before his eyes. Hackers have exploited vulnerabilities in Amazon and Apple. Honan says
“In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.”
What an embarrassing situation.. Honan continues..
“Had I used two-factor authentication for my Google account, it’s possible that none of this would have happened, because their ultimate goal was always to take over my Twitter account and wreak havoc. Lulz.”
In this digital era our digital assets like social networks, blogs, websites, domains, Paypal accounts,Share Trading accounts, social network applications etc are closely attached with one ore more email accounts. Hence the security of important email accounts is paramount. Normally hackers break into someone’s email account by using various known methods such as password reset security questions, secondary emails, password guesswork etc then how to secure your important email accounts? You can use the two step verification methods feature provided by the major email service providers like Gmail, Yahoo and Windows Live.
What is two step or two factor authentication?
In two factor authentication method your mobile number will be linked with email account. Just entering user id and password won’t be sufficient to login your email account after activation two-step verification. Whenever you try to login from a new device or browser, a PIN will be sent to your linked mobile number and you have to enter that secret code as a second step for login. This gives added security which is almost impossible to hack.
How to activate Two Step verification in Gmail
Activation process of two step verification in your Gmail account is very simple. Keep your mobile phone ready with you and go to this Google Two Step verification Page. Follow the subsequent step by entering your valid mobile number. If you have setup your mobile number as an account recovery option, it will be displayed automatically by default. However you can change that. Select SMS of voice call option as you like. You can select your land phone and set the voice call for verification. Within seconds you will get the code to verify your mobile. You have to enter this code into the text box provided by the browser. Now your Gmail account is secured with two layer security.
Whenever you use Google account from a new computer, mobile phone or a different browser of your computer, or browser with cleared cookies and history you need to enter the additional PIN delivered through SMS. If you are using your own computer or mobile phone, you can authorize the device up to 30 days. Here some FAQs on Google two step verification
Will it work for all Google Products and accounts?
No- Google two step verification works for most of the Google products, but it won’t support the following services.
- Desktop Email clients using POP, IMAP such as Microsoft Outlook, Thunderbird etc
- Gmail and Google Calendar applications on smart phones
- Youtube apps on Mobile phones
- Active Sync for Windows Mobile and iPhones.
- Cloud Print
- Google Talk
- Adword Editor
- Sync for Google Chrome
- Gmail Notifier
- 3D warehouse sketchup
After activating two step verification, the above said applications/services will not run simply with your normal Google password. You must generate Application Specific passwords for each services.
How to Generate Application Specific Passwords?
To generate Application Specific Passwords, go through this Authorizing Application and sites page. Go to the Application-specific passwords section as seen below.
Enter a name for the application or service you want to authorize. Make it descriptive for easy identification and future reference. For example if you want to generate an application specific password for your Microsoft Outlook Desktop application- Use “Microsoft Outlook – Laptop” or something like that. Click the generate password button. Now you will get a lengthy password, Just enter this generated password as the Google password for your application. You need not to memorize or store it somewhere. Remember, this password is applicable for that particular application only. You have to generate separate passwords for each and every applications / devices you use. This passwords will be saved in your application, until you uninstall the application or revoke the access from Google account.
You can Revoke the access of a particular application any time by clicking the revoke link against your application. See the image.
Is there any option to login when I am in a place where no network coverage to receive SMS or in a foreign country?
Yes here you have two options.
(a) Use backup verification codes: Go to your Google Two step verification page. Click the Show Backup codes link. You can take the printout of the backup codes from the opened popup window (See the image). There will be ten disposable backup coded which can be used ten times only-one code for one login. You must mark the used codes accordingly. Once all codes are exhausted, you can re-generate the codes by following the same steps.
(b) Google Authenticator Mobile Applications: You can use Google Authenticator stand alone smart phone applications for generating two step verification PINs. Android, iPhone/iPad and Blackberry applications are available.
- Download Google Authenticator in Google Play store.
- Download Google Authenticator for iPhone/iPad from Apple iTunes
- For Black Berry phones – Open your web browser and go to http://m.google.com/authenticator for downloading and installing the application
Enable Two Step Verification in Yahoo mail
To enable two step verification in Yahoo accounts go through this link https://edit.yahoo.com/commchannel/sec_chal_manage . After logging in with your existing password, you will get the following page
Here you have two option to select as a second step.
(1) Use either your security question or mobile phone number for verification
(2) Use only your mobile phone number for verification
It is good to use the second one, because the security questions and answers are guessable. Update your mobile number and you will receive a PIN as SMS instantly for verification. After the two step security activation, whenever you are try to login from a new device/browser, Yahoo will ask the secondary verification option apart from the password. See the screenshot
Here you will get the PIN through SMS , voice or the secondary email non Yahoo email id , that you have entered in your Yahoo account settings. Like Google, here you don’t have the option to use backup codes, mobile aps etc.
How to activate two step verification in Hotmail (Live)
Microsoft has not yet enabled two step authentication system in their email service. However they have enabled the same with their services like billing.microsoft.com, xbox.com to buy points and Skydrive. When you access the above said applications from a new computer, apart from password it will ask for the code sent to your alternate e-mail address or mobile phone that has been previously associated with your account.
Single User Code for Microsoft Live Accounts
This is the only secondary security option that you can use with your Microsoft accounts while logging in from an untrusted computer. In this system, instead of using your password, a single use code can be used. If you opt this option while logging in, a text message will be sent to the mobile phone that you have configured with your account. You can use this code as your one time password.
Have you activated Two step authentication in your email account?