It is vitally important to keep your email account as secure as possible. Google is one organization that emphasizes security, so take advantage of it! For Google Mail, it is easy to enable 2-step authentication. The idea is simple: in order to log in, you must provide something that you know (your password) and something that you have (your phone).
Think about this for a moment… normally if someone gets ahold of your email password, they could read your email (or impersonate you!). Think about it a bit more: once a hacker is in your email, they can visit other sites (like Facebook, PayPal, or ???) and they can easily click the “I Forgot my Password” link, and POOF: they’ll be able to log into any site that uses that email address.
The bottom line is that a hacked email account can start a chain reaction that can destroy your digital life. But with Google Mail, there are steps you can take to prevent this.
Here’s a brief video showing you how to set this up. If you’re not the domain administrator, then you can follow along with steps 4-7 below.
Enabling 2-Step Authentication in Google Mail
If you are not the domain administrator (e.g. if you are an employee) and you know that your domain administrator has already enabled this, then you can jump to step 4.
- Log into the Google Mail account that is the administrator for your domain.
- Click the Gear icon at top-right and click the “Manage” Link. That should bring up the administrator control panel.
- Click on the “Advanced Tools” tab, then check the box labeled “Allow Users to turn on 2-Step authentication”.
- Head back to the mail page by clicking the “Mail” link at the top of the screen. (If you’re not the domain administrator, this is where you would begin: inside your Google Mail home page).
- Click your email address at the top right: this should open a drop-down menu. Click the “Account” link next to your account avatar image.
- Click the “Security” link in the left-hand menu.
- In the “2-step Verification” section, click the “Settings” link and enter in a valid phone number.
See also Google’s official documentation.
Using Mail Applications
For our friends using iPads, smart phones, etc. and who are running a Mail application, you have to set up an “Application Password” for these applications. These single-use passwords are intended for use by a single application, and they bypass the 2-factor authentication. This is necessary because some applications don’t yet support 2-factor authentication, so the application-specific passwords offer a workaround that still takes advantage of the stronger security features.