2FA is a security measure that verifies your identity when logging into an account by requiring the use of two different types of authentication. This article is about 2-factor authentication which we use for protecting our accounts from unauthorized access.
2FA is convenient and secure.
Google has now enabled 2FA by default for all accounts. We’ll show you how to use this handy protection conveniently and prevent being locked out of your account.
Late last year, Google switched all accounts to two-factor authentication (2FA). So, in addition to a username and password, to log in, you need a smartphone linked to the same account, which you tap to confirm. Although two-factor authentication can be turned off at https://myaccount.google.com/intro/security, we recommend that everyone keep this important and helpful security feature.
Instead, we prefer to enable other 2FA options for logging in with different mobile devices. If you don’t have another mobile phone, use a tablet or even a password manager. And, of course, make sure you have printable (and hideable) security codes, so you don’t lock yourself out of your account. These tips – especially when using the Authenticator app – are also helpful for other 2FA services, as they are often set up similarly.
Add more tools
Google’s default 2FA solution is “Google notifications”. After entering your login details, a question will appear on your mobile device asking if you are trying to sign in. If we confirm (sometimes by selecting the number that appears on the computer screen on our mobile device), we can use the service on our computer. If you want to use other mobile devices to sign in to 2FA, sign them into the same Google Account. On Android, you can do this by going to “Settings | Accounts | Add account”, while on iOS devices, you need to install Google or Gmail first and then sign in.
To set up time-based one-time passwords (TOTP), go to myaccount.google.com/ security, click the arrow behind “Two-step authentication,” and follow the wizard. Once the process is complete, click on Set Up under “Authentication Application” and follow the instructions again. You can also click on the “Try Differently” button when logging in to then enter the code you see in the Authentication application.
Share TOTP with the second device
In the Google Authenticator app, tap on “Move accounts | Export accounts” in the menu and select all the accounts you want to move to another device’s Authenticator. Once there, start the same operation, but select ‘Import accounts’ and scan the QR code displayed on the first device.
Using the TOTP alternative
Instead of using Google Authenticator, you can scan the TOTP QR code displayed in step 2 using another TOTP application. For example, you can do this with the Bitwarden mobile app (or any TOTP-compatible password manager). You can then copy the TOTP code to the clipboard by clicking on the clock icon in the Bitwarden extension and pasting it into the website.
Create security beavers
To lock yourself out of your account, you would need to lose all your configured mobile devices (and even your password manager). But if you want complete security, go to myaccountgoogle.com/security, go to “Two-step authentication”, click on “Security codes”, then follow the instructions. If all other 2FA methods fail, click on “Try another way” when logging in and select the “Enter one of the 8-digit security codes” line.
About Google’s two-step identification
Google two-step identification is a security method that you can use to protect yourself against account takeovers by using another step in the sign-in process, whether it’s a code sent via text message or an app like Google Prompt.