Your password is revealed online, and friends told you that your email is hacked. In the midst of the latest large-scale scare, many users wonder how they can stay safe in this increasingly more unsafe online world. Google claims that the account information (including passwords) of 4.93 million users, posted on a Russian Bitcoin security forum, is indeed not a result of their service being hacked. In a recent statement, Google puts the blame on malware, phishing, and the still common reuse of login credentials (Read the Google statement here).
You cannot ever be 100% protected, but you can dramatically reduce the chances of having your account compromised. “One of the simplest, yet most effective ways you can protect yourself is to use the 2-step verification method, often called two-factor authentication.” Says Ondrej Krehel, the managing director of LIFARS. “This way, even if a hacker steals your password, he will hot be able to actually log in to your account.” He adds.
2-step verification is an extra layer of security, which many of the top online services use nowadays, including Google. It requires the user to verify that it is, in fact, them logging on. This is often done via a text message, a phone call, secondary email, or even an app with a code generator (like Google Authenticator), which you’ll need to provide during the process of logging in. Two-factor authentication is based on principle: something you have and something you know.
Here’s how to do it in Gmail (or a Google account in general):
1. Click on your picture in the upper right corner. Then click on “account”.
2. On the top, click on the security tab.
3. Enable 2-step verification.
4. Google will guide you through the rest of the process.
And yes, there is also OpenID, which would require another blog.