Google’s 2-step verification
Google 2-step verification is a great step forward for security! It can be a little daunting at first, but once you have everything setup I think the increased security is well worth the effort spent.
What it does is basically to break the well-established paradigm of “one-account-one-password”. Instead, one account has multiple passwords, which are called “application-specific passwords“. The idea is that, e.g. if you setup to read your Gmail on your smartphone and then you lose it, you can revoke that password without having to change the password you use to read Gmail on your browser! These passwords are 16 characters long.
In addition to the application-specific passwords, you also have one-time passwords (called “verification codes“) that are used (in addition to your normal password) for signing into your account using a browser. These codes are 6 digits long. You can have them sent to you by SMS, or you can install the “Google Authenticator” app on your smartphone to have the verification codes generated by your phone each time.
Google 2-step verification:
Google Authenticator, the app that turns your smartphone into a token: