Google just launched a new, secured login for Gmail and other Google services. Google calls the process two-step verification. It is intended to reassure those who believe they need more than a mere password standing between their online data and the cyber-thieves of the world.

“Two-step verification requires two independent factors for authentication, much like you might see on your banking Web site: your password, plus a code obtained using your phone,” explains Google product manager Nishit Shah in a blog post.

Why you should use 2-step verification
2-step verification adds an extra layer of security to your Google Account by requiring you to have access to your phone – as well as your username and password – when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can’t sign in to your account because they don’t have your phone.

The set-up process isn’t ridiculously onerous, but it isn’t drop-dead easy either. Google suggests setting everything up may take 15 minutes. Thoughtfully, users aren’t entirely on their own: Google provides a set-up wizard to guide people through the necessary steps.

How you sign in with 2-step verification

  1. When you want to access Google products from your browser, go to that product and enter your username and password.
  2. You’ll next be prompted to enter your verification code, which you’ll get from your phone. You’ll only have to do this once every 30 days if you so choose.
  3. Soon after you turn on 2-step verification, non-browser applications and devices that use your Google Account (such as Gmail on your phone or Outlook), will stop working. You’ll then have to sign in using your username and a special password you generate for this application. (Don’t worry, you’ll only have to do this once for each device or application.)

What you’ll need

While 2-step verification requires some web savvy, you only need a few basic items:

  1. A phone that is usually available to you when you sign in. This could be:
    • A standard phone (landline or mobile)
    • Any Android device, BlackBerry device, iPhone, iPod Touch, or iPad that can run the Google Authenticator application
  2. A backup phone that you can use if you lose access to your primary phone. This could be:
    • A work or home phone (landline or mobile)
    • The phone of someone you trust, like a friend or family member.

How to get started

So you’re ready to make your account more secure? The next step is to see if your account is eligible for 2-step verification yet. To do this, go to your Accounts settings page and look for the Using 2-step verification link. If you have the link, you can click it and start the setup process.

If you do not see the link:

  • 2-step verification might not be enabled for your account yet. Please be patient – all Google Accounts should be enabled soon.
  • If you are a Google Apps user, your domain administrator might not have enabled it for your domain. Check with your domain administrator to find out.
  • If you are a Google Apps user, you might have to access the 2-step verification setup through a special URL.