In light of recent security issues relating to Google Accounts being hacked, I thought I should try out 2 factor authentication on my primary Google Apps accounts. While doing so, I changed the passwords as well.
All 3 accounts now have a 64 digit random string passwords made of upper and lower case letters, numbers and special symbols (for some reason ‘Strong’ didn’t seem to quite do that justice!).
Turning on 2 factor authentication is pretty straight forward. In Google Apps it needs to be enabled at a domain level, then turned on by each user account individually. It uses your phone as a method to transfer a code which you must enter when you log into your Google account when you log into it. Seemed like a bit of a pain in the ass, but it’s not so bad. It asks you for it every time you log in on a new device, and you can ‘trust’ a device for 30 days (presumably via a cookie) so you don’t need to enter it every day.
I did the SMS notification method (you can also do a voice call) and all messages came through to my phone within 15 seconds.
In case your phone does not have a signal, you can also install the Authenticator app (other platforms available) which does the same job – it generates a code per account which you can use to gain access. In case you lose your phone completely, I also downloaded 10 printable codes and saved them to Passpack. If I don’t have internet access, I can’t log in anyway!
Lastly, as not all devices support 2 factor auth, you need to create device specific passwords for some devices (like an Android phone). You create the device and it generates a 16 digit lower case password split into groups of 4, so it’s pretty easy to enter.
I’ll see how I get on with it. I’m hoping it should be pretty straight-forward and not represent too much of an inconvenience, while making my accounts utterly hacker-proof. I’ve noticed a couple of little issues so far, but will write up another post once I have a bit more experience using it all the time.