1. Technology
You can opt-out at any time. Please refer to our privacy policy for contact information.

Discuss in my forum

How to Secure Your Gmail Account with Two-Step Verification (Password + Phone)

By

A young woman using laptop and phone
Aping Vision/STS/Photographer's Choice RF/Getty Images

Your Gmail password is long and silly, difficult to guess; your every computer is protected from malware and key-loggers that could snoop on your typing that password as you log on to Gmail. Still, more protection is better and two codes better than one—especially if one can only come through your phone, right?

With two-step verification, you can set up Gmail to require a special code for login in addition to your password. The code comes through your phone and is valid for 30 seconds.

Secure Your Gmail Account with Two-Step Verification (a Password and Your Phone)

To have Gmail ask you for a remembered password and a code sent to your mobile phone to log in for enhanced security:

  • Click your name or photo in the top Gmail navigation bar.
  • Select Account from the menu that comes up.
    • If you do not see your name or photo,
    • click the Settings gear in Gmail,
    • select Settings,
    • go to the Accounts and Import tab and
    • click Other Google Account settings.
  • Go to the Security category.
  • Click Setup (or Edit) under 2-Step Verification in the Password section.
  • If prompted, enter your Gmail password under Password: and click Sign in.
  • Click Start setup ›› under 2-step verification.
  • If you use an Android, BlackBerry or iOS device:
    • Select your phone under Set up your phone.
    • Install the Google Authenticator app on your phone.
    • Open the Google Authenticator app.
    • Select + in the application.
    • Select Scan Barcode.
    • Click Next » in your browser.
    • Focus the QR code on the web page with the phone's camera.
    • Click Next » in your browser again.
    • Enter the code that appeared in the Google Authenticator app for the email address you just added under Code:.
    • Click Verify.
  • If you use any other phone:
    • Select Text message (SMS) or voice call under Set ujp your phone.
    • Enter your phone number under Add a mobile or landline phone number where Google can send codes..
    • Choose SMS text message if your phone can receive SMS messages or Automated voice message to have authentication codes read to you.
    • Click Send code.
    • Type the numerical Google verification code you received under Code:.
    • Click Verify.
  • Click Next » again.
  • Click Next » once more.
  • Now click Print codes to print offline verification codes that you can use to log in to your Gmail account when your phone is misplaced; keep the codes separately from the phone.
  • Make sure Yes, I have a copy of my backup verification codes. is checked after you have written down or printed the offline verification codes.
  • Click Next ».
  • Enter a backup phone number — a landline, for example, or a family member or friend's phone — under You can have codes sent to your backup phone number if your primary phone is unavailable, lost, or stolen..
  • Pick SMS text message if the phone can receive SMS messages or Automated voice message.
  • If your backup phone and friend are handy, use (Optional) Test the phone to send an authentication code to it.
  • Click Next ».
  • If you have add-ons and applications access your Gmail account:
    • Click Next ».
  • Now click Turn on 2-step verification.
  • Click OK under You are turning on 2-step verification for this account..
  • Enter your Gmail address under Email:.
  • Type your Gmail password under Password:.
  • Click Sign in.
  • Enter the verification code received under Enter code:.
  • Optionally, select Remember verification for this computer for 30 days., which will not have Gmail request new phone verification for a month.
  • Click Verify.
  • If you have add-ons and applications access your Gmail account, you may have to set up specific passwords for them:
    • Click Create passwords.
    • Set up passwords for applications that do not work with enhanced 2-step verification (such as email programs that access your Gmail account using POP or IMAP).

Disable Two-Step Gmail Verification

To turn off enhanced two-step verification for your Gmail account:

  • Go to the Google 2-step verification page.
  • If prompted, enter your Gmail password under Password: and click Sign in.
  • Click Turn off 2-step verification….
  • Now click OK.

©2014 About.com. All rights reserved.