Azitech

Azimout's Linux weblog

Google’s 2-step verification

leave a comment »

Google 2-step verification is a great step forward for security! It can be a little daunting at first, but once you have everything setup I think the increased security is well worth the effort spent.

What it does is basically to break the well-established paradigm of “one-account-one-password”. Instead, one account has multiple passwords, which are called “application-specific passwords“. The idea is that, e.g. if you setup to read your Gmail on your smartphone and then you lose it, you can revoke that password without having to change the password you use to read Gmail on your browser! These passwords are 16 characters long.

In addition to the application-specific passwords, you also have one-time passwords (called “verification codes“) that are used (in addition to your normal password) for signing into your account using a browser. These codes are 6 digits long. You can have them sent to you by SMS, or you can install the “Google Authenticator” app on your smartphone to have the verification codes generated by your phone each time.

Google 2-step verification:
http://support.google.com/accounts/bin/static.py?hl=en&topic=1056284&guide=1056283&page=guide.cs

Google Authenticator, the app that turns your smartphone into a token:
http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447

About these ads

Written by azimout

12/12/2011 at 15:21

Posted in News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: