March 17th, 2011

Two-Factor Verification for Google Apps? Yes Please!

You don’t have to work with any particular client for very long to compile a whole string of urls, usernames and passwords to remember. There’s one set for each WordPress account, one for the ecommerce admin panel, one for the CMS, and don’t even think about the host of social media accounts that you created when you kicked of your web-presence campaign. Multiply that by however many clients you have, and you’ve got a serious need for a solution that is both organized and can be effectively accessed by everyone that needs that information. This extends to you, your client and team members who are working on the project. Keeping track of it all, and who has access to what, is a serious hassle.

That’s why I turned to Google Docs as a way of storing this information. It was something I could keep organized with little maintenance, and share easily. Best of all, I could see who had access to each set of information and change permissions accordingly.

But suddenly, I had another problem to reckon with. My Google Account login  now gave access to more secure information, in one location, than any other single single piece of data I could think of. And some people worry about their SSN!

That’s why I was head-over-heals when Matt Cutts posted about Google rolling out two-factor verification for all of their accounts. Better yet, a quick Google search showed me that I could also enable this two-step verification process for my Google Apps account, which I was basically using to run my business.

If you aren’t familiar with two-factor verification (as a term), you might be familiar with it as a practice. A number of banks employ this type of verification for approving devices. In addition to putting in your username and password, the first time you use a new device, you also get a call or text with a verification code. This means that even if your login info is compromised, it won’t matter unless the hackers also have your phone. (If they have both of those things, you have much larger issues to worry about.)

The setup process for two-step verification blew me away because it was:

  1. Extremely user-friendly and well documented
  2. Features a very cool iPhone app that syncs via QR code (made my day)
  3. Quick and easy

If you keep any sensitive information in your Google Accounts (let alone all the sensitive stuff that passes through your e-mail), I strongly encourage you to take Matt’s advice and set up two-factor verification. Even when you take into account the time spent reading up on what it is, setting up the process, and approving your various devices, you haven’t invested more than half an hour of your time.

I can’t remember the last time peace of mind came so cheap.

Related Articles