Google offers several options to protect your account against fraudulent logins. Between Gmail emails, photos stored on Google Photos, and any personal documents scattered on Docs, Sheets and Slide, your Google account is a real safe for sensitive data. It should also be remembered that it serves as a gateway to your YouTube account, if you have one. It can even act as a sesame for other accounts, if you use “sign in with Google”.
Ensuring its security is therefore essential, and you can do it in minutes by activating two-factor authentication, or “two-step verification” as Google calls it. Thanks to it, even if a malicious person recovers your identifiers, for example in a leak or through phishing, they will not be able to access your precious account. Here’s how to activate it, with an image, from a computer.
Enable two-step verification, in pictures
- To get started, log in to your Google account, click on your profile and then on “Manage your Google account”. You will land on your account management page. Another way to do this is to type “myaccount.google.com” directly into your web browser’s search bar.
- On the left of the screen is a menu: click on “security”. Then scroll down to “Sign in to Google” and select “two-step verification”. You will need to enter your Google account credentials to continue.
- All you have to do is follow the steps suggested by Google: enter your phone number, and decide whether you prefer to receive the double authentication code by SMS or by call. SMS reception is more discreet, but it will not necessarily be suitable for people who do not have a suitable smartphone or who are not used to its use. Finally, click “activate” in the next step, and you’re done.
From now on, to connect to your account from a new device, you will have to give your email, your password, and a 6-digit number as in the screenshot below (if you have chosen to receive it by SMS). A possible criminal will not have this code, and to obtain it, he will have to use a complex and targeted method, such as SIM Swapping.
Google offers other two-step authentication methods
Double authentication by SMS or call is not necessarily the most comfortable for everyone. So Google offers other alternative options (you can use different sign-in options) from the 2-Step Verification menu:
This system requires downloading the Gmail application on your smartphone, then logging into your account. Once it’s done, all you have to do is add the phone number from the double authentication menu on your computer.
Each time you try to log in to your account, you will receive a notification in your Gmail app. You can accept it in order to validate the connection, or refuse it if you are not at the origin of the connection attempt.
Download the Google Authenticator app from the Google Play Store or App Store. This app is light, and does not require you to create an account. Next, click on “Set up Google Authenticator” on your computer. A QR-code will be displayed: open the camera of your smartphone, and focus on the code. Your smartphone will ask you to open the app, do so, then agree to “create a token”.
Google Authenticator will randomly create a 6-digit code usable for double authentication, which it will renew every 30 seconds. To validate the implementation of this method of double authentication, you will have to enter one of these 6-digit codes on your computer, and validate it before it expires.
This option is aimed at the most demanding people, and those who would like to do without a smartphone. Security keys – like Google Titan – are physical devices, which must be connected to the device on which you want to open the Google account. It is a particularly safe solution, since a thug has no choice but to steal it if he wants to break into your account. On the other hand, it can be more cumbersome to use than other methods, since you have to carry an additional device in addition to your smartphone. And then, it’s an additional cost, since you have to buy the key.
Guarantees in case of loss of your phone
To ensure that you can sign in to your account even if you lose your phone and/or phone number, Google offers two options, accessible from the 2-Step Verification menu:
- Add one second number phone number for double authentication: it can be another one of your numbers, or that of a loved one in whom you fully trust.
- Download and/or print “backup codes”. Google will randomly generate 10 8-digit codes, which will allow you to pass the double authentication.
You can only use each of them once. It is best to print them out and keep them in a safe place. You can therefore do without a smartphone and a security key to log in to your account.