[LOCKED] Extra Security for Your Google Accounts

What if you enable 2FA using phone-AND-PIN, then you lose your phone and want to log in your google account on a PC to use "Find My Phone". You won't be able to log in because you'll need the PIN that's sent to your lost phone!

I have no idea what you are talking about. I have been able to understand all your articles until now.
I am of the older older generation and stay on my computer off and on all day. But I use flash drives and disk for everything I write and all my email.
Keep writing you have educated me in all your writings until now. Sorry, I'm so behind the times.

I have no idea what you are talking about. I have been able to understand all your articles until now.
I am of the older older generation and stay on my computer off and on all day. But I use flash drives and disk for everything I write and all my email.
Keep writing you have educated me in all your writings until now. Sorry, I'm so behind the times.

I like using the Two-Factor Authentication as it what I use when logging into my Paypal account. I feel very safe and secure with regard to my Paypal account.

Bob, what about a Yubikey(yubico.com) for 2FA? I've been researching them, but haven't bitten the bullet yet. It sounds similar to the USB security key scheme, but can be use for multiple 2FA sites. There are probably similar 'keys' out there as well.

If for some reason you're unable to use the Google Authenticator app one can download a series of authenticator numbers each of which can only be used once. However, it's always possible to download additional authenticator numbers.

You forgot (I do not want to imply misinformation) to mention that the Google's USB Security Key Authentication works only with Chrome, and that it requires a USB port, which rules out mobile phones and most tablets.

The combination of the terms 'google' and 'security' in a single sentence sounds like an oxymoron to me.
How much personal information must google demand from us?
Now google is saying that in order for me to "secure" my gmail address (w/2FA), I now have to give them my 'real' telephone number?
Is there an end to this google big-data saga?
Heck, google may even have more secure servers than the federal government: But that does not make them any less vulnerable to security breaches than neither the Feds or Yahoo.
One possible solution would be to divest oneself from the google dominion.

Be careful about 2FA if you're traveling abroad. Unless you have cell phone service in the foreign country, the text that it sends you will not get delivered. There is a workaround of sorts, if you've set it up. Google will send the password to another email account. If you haven't done this, there is no way that I know of to complete the 2FA.(Maybe somebody does)

I should note this happened to me while visiting in Cuba earlier this year and brought to light another problem wth 2FA: in many countries the @ symbol is accessed by a different combination of keys (in Cuba you press the Ctrl and Alt key simultaneously and then the number 2 key). I had used my wife's email account as the backup in case I couldn't receive a text. You have to tell Google where to email the password; unless you have the @ symbol, you can't enter this information!

I'm in the same category as Judith Jordan. But I don't use Google, don't have Google mail. Does any of this relate to me?

@ pshaw,
2FA may just "relate to" you: See if you do business with any of the web companies listed in this link >> https://twofactorauth.org/
Soon, the rage will be all about biometric security; and that is when google will probably demand your medical records for log in...

How does this affect getting gmail on iphone (or any phone)? Can you make the phone a trusted device and never have to think about that?

Thank you for a very informative article! I had never heard of Google's USB security prior to reading your article. Unquestionably I'll be purchasing one soon.

Hi Bob, very good article as always. I like that USB idea, especially having to be able to have more than one USB key, I'm very particular about giving out my Phone #. Besides if a person has a google account, they already have my Phone # anyway. This would be perfect for at home with my desktop.

Any suggestions on using two factor authentication in the event you don't want to give a phone number to google or other data broker? I may be old fashioned but I never give phone numbers to companies who collect information about me knowing that this number gets sold to telemarketers.

I'm a senior who has been using two-factor authentication with Google and my banking site, ever since each began offering the option. After the original set-up pains, both have been trouble-free. It's highly recommended that people read up on and learn to use this important security feature, before their accounts get hacked.

And while they're furthering their education on protecting themselves, they should also get a good password manager, study the tutorials and then use it to generate new nonsense passwords, as well as use it to insert them into all sites requiring log-in credentials. Many professional computer troubleshooters advise that if a password can be remembered or is less than 20 characters long, it isn't secure.

Yes, changes in the way we've been doing things for years can be very challenging. But, making an effort to learn about and institute these is EASY, when compared to dealing with the fallout from compromised identities and accounts.

I'm a little lost too, on this article. It doesn't say that's what it's for, but everything in most of this article is about using a phone or similar, not a PC. So it doesn't apply to a PC?
But at the end you tell how to retrieve whatever from the computer you are on. I don't know what that means. A phone won't take a normal USB drive, which is what that section is talking about using. And if you have only your phone and not a computer available, how does that help anyway?

I have a number of problems with these. The first is I don't have a mobile phone so that option isn't available. I don't want to have to remember to carry around a second "thing" like a pad or USB key or even a phone if I did have one either. The problem is that accounts like Google have grown from just an email to something more encompassing that may also provide access to other platforms (Login with Google).

Maybe an option would be to have some form of confirmation stored on approved devices with an expiry date. If new or expired then an additional security measure is called to create or renew that data for that device. Certificates or the like is the sort of thing I'm thinking here.

What I have noted though is that if something new tries to access (say GMail) it isn't allowed until I approve it.