Google Authenticator is a free security app that can protect your accounts against password theft. It’s easy to set up and can be used in a process called two-factor authentication (2FA) offered on popular services like Gmail, Facebook, Twitter, Instagram, and more.
The app (iOS/Android) generates a random code used to verify your identity when you’re logging into various services. The code can technically be sent to your phone via text message every time— but the Google Authenticator app provides an extra level of security.
SMS-based 2FA has a known security flaw, and any devoted hacker can attempt to socially engineer an attack against your phone company. The Google Authenticator app eliminates the possibility of an SMS-based attack using algorithms to generate the codes on your phone.
Here’s how to set it up:
1. Download Google Authenticator from either the Apple App Store or the Android Google Play store. It’s free.
2. Next, set up two-step verification on your google account. Log into your google account. Under “Security and Sign-In” select “Two-Step Verification,” and then scroll down to select the “Authenticator app” option.
3. Select your phone, Android or iPhone.
4. Open the actual Google Authenticator app your phone and tap the plus button:
5. At the bottom of your screen two options will show up, “Scan barcode” and “Manual entry.”
You only need to choose one of these options to complete the process. Using the “Scan barcode” option takes a bit longer to complete, requiring you to download a QR scanner from the app store and then pointing your phone at the QR code on your computer screen to verify Google Authenticator’s connection with your account.
In contrast, “Manual Entry” just means that google will send you a 16-digit code to an e-mail address. You then enter the code to complete the verification process:
Make sure the “Time Based” option is toggled to ON, to ensure the code you’re entering is aligned with the Authenticator’s most recent passcode generation.
Now, each time you log into the account you’ve connected with Google Authenticator, the account will ask you to enter a six-digit verification code. Simply open the Google Authenticator app, and the app will generate the new, randomized code for you to enter.
(Remember, If you stay logged in, you won’t need to go through the 2-FA process during each login.
Congratulations. Your account is not only protected with two-factor authentication, but with the added security of Google’s six-digit authenticator code.