To access an email account with a normal security system, simply enter our address and our password. But what happens if someone is our password for the method that is? This is where itmakes sense the figure of the "two - step verification" that has introduced Gmail and it is very useful to prevent unwanted intrusions.
The two - step verification, as defined by Google, requires two factors: something you know (your password) and something you have in your possession , as a code sent to your phone. In this way, you need both to access. No use having only the password. It is something similar to what some banks offer online services, in addition to ask an identification code to request a key is a physical card we have. When we got into our account, we will see the following message:
The two-step verification prevents others from accessing without permission from the user's account if they find out the password. The attacker, guessed or otherwise, steal your password, can not log without user verification codes, which can only get the user through their mobile phone.
We have seen the advantages enable two-step verification to our gmail account, now let's see how to activate this free service.
One. Login to your Google account in your web browser and then visit the Security settings for your Google account : https://www.google.com/settings/security/. You might have to enter the password once more to open the settings.
Two. In the section under Password & sign-in method, click on 2-Step Verification.
Three. If it is not already selected, click Verification Codes.
Four. Under Backup Options, click Add a phone number. This is an important step should you ever need access to your account and find yourself without your YubiKey. Note that we recommend that you have a second YubiKey for backup so that you can always access your accounts – similar to how you have an extra copy of your keys for your house and car.
Five. In the Add backup phone number dialog box, enter your phone number and specify how you want to receive codes (usually by SMS text message).
Six. Now you are ready to register your YubiKey as your 2-Step Verification device. Click Security Keys, and then click Manage.
Seven. This is the really cool part! If your YubiKey is inserted, remove it. Now click Register, insert your U2F YubiKey, wait for it to blink, and tap the YubiKey button. Your YubiKey is now registered to your account as your default Two-Step Verification device!
Eight. The screen now displays all devices that are registered to your account, so you can easily add another Security Key, or remove registered keys. (If you accidentally lose a YubiKey, come here and remove that YubiKey from your account. No one could log on to your account, though, because they would still need to know your password.)
In this case, the service offers the ability to add the phone number of a relative or friend. In an emergency, you can ask them to send a verification code to that number. It can be a number of mobile or fixed phone and not use it unless you ask.
If our phone is not available, we could only log into the account with these codes. You can store them in a place you can easily access, such as your wallet.