Every day cybercriminals try to breach our Google accounts and other platforms, with the aim of making a profit and stealing our data. One of the techniques they can use is a Phishing attack to steal our credentials. If we want to add extra security to our Google account or to the accounts of other platforms, we can use two-step verification. To obtain that second defense barrier we can use a Google app that is completely free for Android and iOS smartphones. In this tutorial we are going to learn step by step how to protect your accounts with Google Authenticator and prevent them from being hacked.
The first thing we are going to do is find out what the use of Google Authenticator is and what it can offer us. Then we will explain how we have to activate two-step verification in our Google account, we will also see how to download the app and configure it. Finally, we will see how the login mode changes after activating 2FA authentication on our computer.
What Google Authenticator gives us
Google Authenticator is an application that will allow us to activate two-factor authentication or 2FA in Google accounts and in those of other platforms, such as Dropbox. If we activate two-step authentication, we will gain a second line of defense. Thus, in the hypothetical case that someone manages to find out our password, either through a brute force attack, filtration, or randomly, they could not enter the account. In short, what the two-step verification does is that through an application, email or SMS text message it will allow us to verify our identity when we log in. Here, in this specific case, what we are going to use is the Google Authenticator app.
As for the application, we have it available for Android and iOS operating systems. A good starting point would be to have it downloaded for when we need it. If you want to download it for Android you can do it from the Play Store from here:
On the other hand, if you have iOS you can get it from the App Store from here:
One very interesting thing about Google Authenticator is that it can generate free verification codes even when our mobile is without an Internet connection .
Next, we will explain how to use it through an example with a Google account. First we will see how we activate the verification in two steps, and then we configure it so that in the second step we can use this app.
Activate 2-Step Verification for your accounts
Obviously to use Google Authenticator we will need an account compatible with multi-factor authentication. What we want in this case is for this app to be that second step. In this case, we are going to take Google as an example, although there are many more that support it. The first thing we have to do is enter our Google account by clicking on this link and log in with our credentials if we have not done so before. Then we will have to go to the Security section and look at the section Sign in to Google
There we click on Verification in two steps and then a window like this will appear where we will click the Start button.
Next, it will ask us to re-enter the password for our Google account.
In this case, for the two-step verification, we have chosen to send us the codes via text message to the mobile.
After we have unlocked the mobile, we have looked at the SMS code, we have entered it and clicked on Next .
Next, we will see a screen like this that tells us that we have entered the code correctly and click on Activate to activate the 2FA authentication.
Here we see how we have activated the verification in two steps. The method that we have by default now as the second step to enter our Google account will be a voice or text message from which we will obtain a code. If for any reason you want to remove the two-step authentication, you can do so by clicking on the Deactivate button.
Choose Google Authenticator as authenticator
In our case we have already commented that the second method that we want to use is going to be Google Authenticator. If you go down below you can find it along with a few more second steps that also serve to verify identity. So we go to the Authenticator Application section and click on CONFIGURE .
At this time we have to tell you if we have a smartphone with Android or IOS. Ours is Android and then we select Next .
Then it asks us once again to re-enter our password and click on the Next button.
As what we want is to use Google Authenticator, click on Configure .
Next, what appears to us is a QR code that we must scan. Therefore, if we have not done it before as indicated, we have to download it from the Play Store or the App Store as the case may be.
The next thing we are going to do is open the Google Authenticator app on our smartphone and we will see a screen like this. Here what we have to do is scan the QR code that appears on the screen of our computer.
Next in our application we will see the name of our Google account, and the verification codes will appear just below. In this regard, it should be noted that you have to be quite quick to introduce them because in less than a minute they change. Our next step is to keep the Google Authenticator app open, enter the code without wasting time and press the Verify button.
Here you confirm that we have done the procedure correctly and click on Done .
Then go back to our Google account and we see how Authenticator is now our second default step. The other voice and text message is still active and could be used if necessary.
Change login with 2FA verification
Before entering our Google account, it was enough to just enter the password. Now things have changed, one more step is needed. The first step as always will be to put our password.
Then we will need to take our mobile, open Google Authenticator, and add the verification code that is currently on the screen.
It should also be noted that in Try another way you will have available other second steps that you have previously configured. In this case, we would also have the option of voice and text messages.
As you have seen, it is really easy to protect our Google account with two-step verification. This process would be done exactly the same in other services such as Dropbox, Microsoft Outlook and many others, simply what we will have to configure is the two-step authentication and enable the authentication we want to be with the authenticating application. We must also indicate that there are other very interesting applications such as Latch from Eleven Paths and even Authy that will allow us to save the tokens of these 2FA authentications in the Cloud. Google Authenticator stores tokens locally, this means that if we restore or change smartphones, we will have to reconfigure all accounts.
