Passwords are like Pants...

I assume this is ok to mention (meaning I don’t think the bad guys can get anywhere with it).  At the start of 2011, Google introduced two-factor authentication.  Over the summer, I enabled it for my Google account.  What’s the difference or extra?  I’m glad you asked.

Basically, two-factor authentication is based on two “things.”  In my case, it is something I know–my password–and something I have–a code from Google.  When I attempt to login using a google account, I am not only asked for my id and password, but I get prompted for a verification code.  Where do I get the code?  Google has an app that I installed on my phone that generates them.  So, not only do I have to have my keypass (what I use to generate strong passwords) but I also have to have my mobile phone.

So far, the only problem this has caused was when I tried to sign-on using Google’s stand-alone talk application.  I spent a good 30 min trying to figure out why I couldn’t log in.  I was trying to sign-on with a google app account so at first I thought that was the problem (it looked like it was stripping off my domain).  After some Googling, I decided I needed to give up and get back to work.  The next day, I decided to give it another go.  This time, I remembered that Google offers to generate application specific passwords for things that aren’t two-factor compliant.  I generated a new one and, sure enough, it connected straightaway.

If you want to know what I did to enable two-factor authentication, let me know, and I’ll post a HOWTO.

Image from Richard Parmiter via flickr

Leave a Reply

Your email address will not be published. Required fields are marked *