Using two-factor verification makes sure that you — and only you — have access to your Google account.

In light of a recent security breach that saw 273.3 million email accounts — including Gmail accounts — compromised, we strongly recommend enabling two-step verification (or two-step authentication, as it's also known) for your Google account.

This process will put a stop to anyone's efforts to access anything — including Gmail and all other Google services — that uses your Google account credentials when logging in, because you need more than a password to verify that you are the account owner.

What is two-step verification?

Two-step verification adds an extra layer of security to your account. Think in terms of withdrawing cash from an ATM — you must insert your card and enter a personal identification number. In the case of a Google account, with two-step verification enabled, you must enter a password and a code that is sent to your phone by call or text, or through an authenticator app on your phone.

Although it will now require extra steps to access your Google account, two-step verification is invaluable. Using two methods to authenticate who you are effectively doubles your account security, and makes sure you're only able to log in if you have both the right password and a valid authentication token. It is still recommended to change your current Google password if you haven't already. Without further ado, let's enable two-step verification.

How to enable two-step verification in the Google Authenticator app

  1. Launch your web browser from your computer desktop.
  2. Type into the address bar.

    Double-click on your browser. Type into the address bar.

  3. Type in your password.
  4. Click on Sign In.

    Type in your password. Click on Sign In.

  5. Click Off under 2-Step Verification.
  6. Click Turn On.

    Click on Off. Click on Turn On.

  7. Type in your password.
  8. Click on Sign In.

    Type in your password. Click on Sign In.

  9. Click on the flag drop-down menu and select your country.
  10. Type in your phone number.

    Click on the flag menu and click on your country. Type in your phone number.

  11. Select either Text message or Phone call.
  12. Click on Try It. You will receive a text message or phone call containing your code.

    Select either text message or phone call. Click on Try It.

  13. Type in the code you received on your phone.
  14. Click on Next.

    Type in the code you received on your phone. Click on Next.

  15. Click Turn On.

    Click on Turn On.

Now you have two-factor verification enabled for your Google account. Next, let's have a look how to enable the Google Authenticator app on your phone to make things even more secure and convenient.

How to prepare your account for the Google Authenticator app on Android

Click on this link from your computer to get started.

  1. Click on Next
  2. Click on Switch to app.

    Click on Next. Click on Switch to app.

  3. Click on Android.
  4. Click Continue. You will now see a barcode on your computer screen. Keep this barcode on your screen and continue with the steps below.

    Click on Android. Click on Continue.

  5. Tap the Play Store on the Home screen of your Android phone.
  6. Type in Google Authenticator in the search bar.
  7. Tap the Search button.

    Tap the Play Store. Type in Google Authenticator. Tap the Search button.

  8. Tap the Google Authenticator app. It's the result by Google Inc.
  9. Tap the Install button.
  10. Tap the Accept button.

    Tap the Google Authenticator app. Tap the Install button. Tap the Accept button.

  11. Tap the Open button when the download is complete.
  12. Tap on Begin Setup.
  13. Tap on Scan a barcode.

    The the Open button. Tap Begin Setup. Tap on Scan a barcode.

  14. Scan the barcode visible on your computer screen.
  15. Tap on Open browser.
  16. Tap on OK.

    Scan the barcode. Tap on Open browser. Tap on OK.

Now, instead of getting a text or voice message with a verification code, you will use a unique code in the Google Authenticator app every time you log in to your Google account on any device. This code changes every 30 seconds, and when you use it, it has to match the current code that Google is expecting for that time window. Anyone attempting to access your account who doesn't have your phone in their hands will not receive the code and will thus be unable to log in. Safety first, everyone!


Even though your Google account might have been spared this time, there is no telling when another hack or leak can occur. Any service that offers two-step verification should be taken advantage of, as it essentially puts a firm stop to unverified access attempts. Stay safe!