I just read the article on using 2-step and I want to start using it, but I'm a ROM flasher. How do I manage? I think this could make a great article.
We think it could make a great article, too, Jean15paul. And it goes for users with more than one mobile device as well as flashers and ROM-a-holics. As safe as two-step authentication is, it was clearly designed for folks with one phone, and one computer, who don't like to erase and re-install either one. Unfortunately, this is a hard hurdle to cross.
The easy way, and the way I'm lucky enough to be able to do it, is with an old Android phone that's a dedicated authenticator. I reverted my Nexus One back to stock, and installed the authenticator app. I also use an authenticator for Blizzard games, so this worked well for me. I keep the phone charged, and any time I need a code I can start it up and get one -- until the power button goes out again, that is. This way I'm not ever locked out of my Google account, which can happen when flashing ROMS or jumping to a new phone.
Of course, that's not a good solution for most folks. If you have an old Android device laying around, I really recommend you try it (as well as printing out your 15 one-time use codes). If you don't have access to another Android phone, which is going to be most of us, things are a little bit rougher. The best solution I can find is to disable two-step authentication from the web (in your Google account settings) before you wipe and flash a new ROM. Once you're satisfied that it's worth keeping for a few days, re-enable it and go through the set-up with application specific passwords again. It's a lot of work, and adds a good bit of time to your set-up every time you flash a ROM. But it's also the best way to guarantee you're not locked out of your Google account.
Of course, since it's a pain in the you-know-what, most folks aren't going to do it. Never mind what you know, or what you've heard is best for your online safety, people always like to take the easy way out. With that in mind, I want to share a little nugget of wisdom passed on to me by a teacher about passwords. Long passwords with upper case and lower case letters are very difficult to crack. They are also difficult to remember. To make the remembering part easier, use the first line from a favorite song all in one word. For example, ItsAllRightIfYouLoveMeItsAllRightIfYouDont is a password that probably won't ever get cracked, but is easy for me to remember. It's just a pain to type out on an on-screen keyboard. But it's still better than being hacked.
Have a question you need answered? (Preferably about Android, but we're flexible.) Hit up our Contact Page to get in touch!