Hi! In this article I’m going to explain what multi-factor authentication is, and why its important to everyone who works online, no matter the size of your business.
I’m also going to show you how to turn multi-factor authentication on for your free Google account.
Ok, let’s dive right in.
What is multi-factor authentication?
Multi-factor authentication (MFA) is a way to prove your online identity through two different checks. It is sometimes called two-step verification (2SV) or two-factor authentication (2FA).
The two checks are a combination of something you know (like a password or passphrase) as well as something you have (like a mobile phone or security token). Because both items are needed to access an account, it makes it much harder for criminals to gain access to your account.
If you’ve ever tried to pay a bill through your online bank account, and been required to enter a code sent via SMS, then you’ve encountered multi-factor authentication in action. You logged in using your password (something you knew) and then needed your phone (something you have) to continue.
Why should I care about two-step verification?
You might be thinking that your business is too small to need 2FA but sadly that’s not the case. The 2020 Australian Cyber Security Centre Annual Cyber Threat report identified that 10% of all cyber incidents were reported by small businesses (including sole traders) with losses ranging from the thousands to hundreds of thousands of dollars.
So let’s not become one of the statistics right?
Get 2FA protection for your Google account
One of the things I like about Google is how everything is tied together – once I log into my account I have access to lots of time saving options including auto-fill from my password manager. However that same flexibility means that if someone gets access to my Google account password, they’ve got access to everything.
To reduce the risk of that happening I’ve set up 2FA on my Google account using my phone as the second authentication device. Now, if I’m logging into another computer I need to not only enter my password, I need to have my phone handy to get the second tier of authentication completed.
Follow these steps to set up your phone as the second part of mult-factor authentication
First, you’ll need to make sure you have 2-Step Verification turned on for your Google Account.
Step #1: Sign into your Google account on your Android or iPhone phone and turn on Bluetooth
Step #2: On your computer, navigate to myaccount.google.com/security
Step #3: Scroll down to the Signing in to Google section and click on 2-Step Verification
If you already have 2-Step verification turned on, then your next steps start from Step #8.
Step #4: Click “Get Started”.
You’ll probably need to enter your Google account password again. So do this, and then click on Next.
Step #5: Check that the phone being shown is actually your phone and then click on Continue
Step #6: You’ll now be asked to add a backup option in case you lose your phone. Rather confusingly, the default option is to send a backup option to the phone number associated with your Google account!
Do not accept this option!
Click on “Use Another Backup Option” and either Print or Download the backup codes that are provided – make sure you put them in a place you’ll be able to find them again!
Step #7: Click on ‘Turn on’ to turn on 2-Step Verification
Step #8: Scroll down the screen and click on ‘Add Security Key’
Step #9: Click on your phone name. You’ll be asked to enter your Google Account password again.
And then the next time you try to log into your Google account you’ll see this on your computer screen:
and get something like this on your phone
And that’s it, you’ve added 2SV to your Google Account, making it much more secure.