Any and every password can be broken. It is only a matter of time and processing power. Many criminal groups use vast server farms to break passwords for computers and servers. Such server farms can make hundreds of millions of password attempts per second. Because of this, there is a high possibility that your email, Google account, iCloud account, One Drive account, bank account, etc. may be penetrated in the future.
Currently, there are two strategies that can help prevent unwanted breach of your accounts: Strong password combined with 2-step authentication.
I've probably numbed your mind discussing the need for strong passwords. But haven't spent much time on 2-step authentication. It's time to do so.
Fundamentally, 2-step authentication (often referred to as 2-factor authentication or 2-step verification) is setting up a secondary authentication process. In most cases, this is done via your cell phone. When you log into an web-based account, the first authentication is your username and password combination. If you successfully pass this test, the second test is a code sent to your cell phone. If you are who you say you are, you will have your cell phone of record with you, retrieve the code, and then enter the code into the authentication screen. When that code is successfully entered, you will now have access to the account.
As millions of accounts are breached yearly, it is vital to implement 2-step authentication whenever it is offered. Microsoft, Google, and Apple offer this service. Check with your bank and credit card sites if they offer it.
In this blog, I will outline how to implement 2-step authentication with your Google Apps for Work account.
Google 2-Step Authentication for Google Apps for Work
The first part of the process is to enable 2-step verification.
1. The administrator of your Google Apps for Work account will need to log in to admin.google.com.
2. In the Admin Console, scroll down to and select Security.
3. In the Security window, select Basic settings.
4. In the Security > Basic Settings window, scroll down to enable the Allow users to turn on 2-step verification, and then click Save Changes.
Now that 2-step verification is enabled, let's get it working for you.
5. Log in to your Google Apps for Work account.
6. Open a new browser window, and then go to https://accounts.google.com/SmsAuthConfig. Click the Start Setup button.
7. At the log in window, enter your Google Apps for Work email and password.
8. At the Set up your phone window, enter the phone number of your cell phone, where codes may be sent, and then click the Send Code button. This will send a code to your phone, verifying you have possession of it.
4. Within seconds a code is received on your device. Enter the code in the Google window, and then click the Next button.
5. At the Verification codes on this computer window, if you trust this computer (and the people who have access to it), enable the Trust this computer checkbox, and then click the Next button.
6. At the Turn on 2-step verification window, click the Confirm button.
7. Thought you were done? Almost. If you use Google apps on your devices, you will need to reconnect to them. Click the Reconnect my apps button.
8. The login window reappears. Log in to your Google account.
9. In the next Passwords window, from the Select app drop-down menu, select a Google app that you use, and then from the Select device drop-down menu, select the type of device, and then click Generate.
10. A 16-character application and device-specific password will be generated. Follow the on-screen instructions to enter the password on your device.
11. Repeat for each of your Google apps in use, and for each different type of device.
Whew! A bit of sweat, but so much better than a stick in the eye–or identity theft.