Hacking attempts are real (check out this article from Wired) in today’s society. With an increased number of internet users, the number of hackers who try to break into the websites has been on the rise. Not too long ago, some Twitter users had their account information compromised while just very recently, Evernote had to reset all of their members’ passwords because of hacking issue.
To reduce – since no prevention is bulletproof when it comes to cybersecurity – possible damages from these attacks, some internet users like myself have chosen to utilize Google’s 2-step verifications, which add another level of security in addition to the usual passwords. 2-step verification is unique in that the additional information needed to access the account changes constantly, and only the app from Google can allow the person to access it. Therefore, it is far more secure than just relying on the passwords.
App-Based Passwords
One of the first difference with using 2-step verification is that security is in place not just for web browser e-mails, but for all Google services used. This meant that for built-in e-mail system for my iPhone, I had to create an app-based password that I can enter for it to remain connected to the Gmail service. A good thing was that this password – which was randomly generated by Google – had to be entered only one time and did not require additional passwords. A bad thing was that it sometimes had difficulties connecting to Gmails, but it’s not clear whether this was due to 2-step verification or simply, Gmail’s connection problem with Apple’s built-in e-mail system.
Other services like Google Drive or Google+ worked in similar way as the web browser in that logging into these services also required typing in the random number series generated by the authenticator app from Google. But, as in the case of built-in Gmail, logging in for the first time allows the connection to remain in the apps, so for these services, this one-time connection – and without special password for apps (which I thought was very good not to do) – was all it took.
Downfalls of 2-Step Verifications
While added security is certainly a plus, it has not been completely comfortable to use. For one thing, if I ever wanted to log into check my Gmail from another computer, I would have to be near my phone. While not having the authenticator app is not an issue since the random number series could also be received via text message, it is very difficult – almost nearly impossible – to gain access to e-mails without having the phone near. This poses a problem for a lot of people since people can lose their phones or end up having problems to it. As a matter of fact, I had a situation where I had to check my Gmail but was on the phone – therefore, I had to wait until I was done with the call to use the phone for authentication.
There is, however, a solution to this (which I realized after this situation), and it is to link Gmails to applications in other devices like tablets, or install Google Chrome on the main PC and use the connection that way as a back-up.
Why I Am I Still Holding onto This?
I think that despite all these hassles and inconveniences that made me to receive funny looks from some people, I still hold onto this step for security reasons. It is far better than security questions because some of these questions are too obvious or too difficult and therefore not easily recalled. Furthermore, many applications and game services use Facebook or e-mail accounts in lieu of actual registrations, so having a strong security is essential. Needless to say, more and more people are relying on online banking services (Bank of America has a mobile banking app for instance) and use payment services over the web like PayPal, so a weak cybersecurity to e-mail is not just an exposure to personal e-mails, but more importantly, a possible connection to risks in financial assets and private data.
To be fair, this is not for everyone, especially since not all people would want to authenticate for checking into e-mails. But, for some people who are a bit more conscious about security over internet, it’s something to consider about implementing for yourself.
