Google Two Factor Authentication

There seems to be a lot of trust in the cloud now a days, imagine if someone stole your hotmail, yahoo, gmail, aol email username and password.  Would the be able to steal everything else?  I mean stuff like reset your account checking account passwords, etc?

In August of 2012, a writer named Mat Honan for a tech magazine called wired was hacked.  The speed if this hack was amazing

http://tech.slashdot.org/story/12/08/07/1453243/wired-writer-hack-shows-need-for-tighter-cloud-security

One thing this article mentions as a means of protecting yourself is two factor authentication.

If a web services offers it, I now enable it.  I know as of today, google and facebook offer it, and I think MSN does as well.

I am going to simplfy it here, but basically in addition to a username and password, these services require a 3rd code be entred, usually from an app on your phone.

Here is an example with google.

After you set it up, here is how it works.  You log in to google like you normally would,

But you will get a second "verification" screen where you have to enter in a code.

The code can be sent to you via SMS, or you could have a pre-saved set of passwords somewhere safe.  I prefer an app which google provides.

The cool thing with this app is that it changes every minute

That is why it is called two factor, you need something like a username and password, and a device like a key or special rotating code.

There are some things that you have to work around if you use two factor authentication, for example, if you use gtalk you will need to set up a one time "device" password.  If someone steals that one time password, the will not be able to use it to log into your account.

Final note, you still should exercise caution, antivirus, don't stay logged in to public computers, use hard to guess passwords, two factor authentication is just another layer (a pretty darn good layer) of protection.