La Google two-step verification it's a great way to protect account data. For a long time this company offers this possibility in their own (associated with the Gmail address). But as is usual with the folks at Mountain View, a new option has been launched with the intention of improving its use - even on Android mobile devices.
With this new option, using Google's two-step verification app is much simpler and more powerful. And, although it was announced on the page where updates for payment developments are revealed, its use is compatible with the personal accounts from Gmail, so the arrival of the new service is global. It works really well, since it simply eliminates an intermediate step and, for example, it's possible to use the verification system as a verification system.
Steps to follow
One nice detail is that the management The steps required to activate Google's two-step verification on the account can be done specifically from the phone. This is something that does not always happen with services in which protection is a fundamental section. The first thing, therefore, is that you access this link to start the process.
Now you need to tell the service that, once you've activated two-step verification, you'll use this phone number. To make this work, you simply need to have the terminal turned on and connected and have the latest version of Google Play Services. If so, you must follow the steps that appear on the screen -without omitting any- and enter the data that is requested. After this, you will have already changed Google's two-step verification and SMS will be a thing of the past.
Allow verification and choose the best second factor
To activate it from your Google accountGo to Security and under "How you log in" tap Two step verificationThen, follow the on-screen instructions. If your account is for work or school, it may require approval from the [institution/government/etc.]. administrator.
After activating it, you can log in with your password plus a second step, or directly with a access key (passkey)It uses your fingerprint, face, or device PIN, eliminating the need to enter codes. With Passkeys, you prove the device is yours, so no additional verification is required.
If you don't use passkeys, Google recommends the Google notifications (Push messages) are preferred for their convenience and resistance to phone number attacks. They are available on Android phones with a signed-in session and on iPhones with a signed-in session for Gmail, Google Photos, YouTube, or the Google app. According to the notification, you will be able to tap Yes o No and, on occasion, you will be asked PIN or other additional confirmation.
Another very robust option are the hardware security keys (like YubiKey), small devices that you connect via USB, NFC, or Bluetooth. They are ideal against the Phishing and recommended if you are looking for maximum protection.
Other available verification methods
For scenarios without internet or mobile coverage, you can use Google Authenticator or other TOTP apps. They generate one-time codes that you enter at login. Remember: Don't share your codes with no one; Google will never call you to ask for them. Authenticator allows you to manage multiple accounts and migrate them using unit’s QR code.
You can also receive a code by SMS or call to your registered number. They provide security, but can be vulnerable to the SIM duplicate or other attacks on the number. If you use them, keep your line protected with a SIM PIN and avoid publishing your number.
In some workflows, Google may ask you to scan a unit’s QR code Use your phone to verify your identity or number. After scanning it, complete the steps that appear on your mobile device and return to your computer to finish.
Los backup codes They are an essential safety net. Keep them in a safe place, and if you lose them, you can use the Two-Step Verification section. revoke them and create new ones.
If an app stops logging in after 2SV is enabled, it generates a app password Use your account for older apps that don't support 2SV (for example, older IMAP clients). Only use it when necessary.
Manage trusted devices, Smart Lock, and useful settings
To avoid confirming the second step every time on personal devices, you can mark "Do not ask again on this device"Activate it only on devices used individually and with secure screen lock.
In your security settings, the switch "Skip passwords whenever possible" allows prioritizing access with access keysMake sure you have screen lock enabled on the device that stores your passkeys.
If you work with sensitive data, consider the Advanced Protection Programwhich requires physical security keys as a mandatory second step and adds extra controls against impersonation.
In Chrome OS environments, the feature Smart Lock It allows you to unlock your computer when you're nearby using your mobile phone. Bluetooth, maintaining a seamless experience without compromising security.
If you lose your phone, key, or have problems with the codes
If you lose Main phoneTry accessing from a trusted device where you already selected "Don't ask again." Once inside, review and change your verification methods. Ask your carrier. transfer your number to a new SIM and removes lost devices from the profile.
If you lose one Security keyUse a second configured method (notifications, backup codes, another key). Remove the lost key from your account and add another one. If you use Advanced ProtectionOnly a backup key will allow you to enter.
If the access key (passkey) Because you lost your device, log in from another device, delete that passkey, and create a new one. If you don't see the option to use passkeys, confirm that the screen lock make sure it is active and that you have enabled "Skip password when possible" at myaccount.google.com/security.
Are you not receiving codesGoogle may have sent you one notification Push notifications instead. SMS/call availability varies by operator and location. Check your coverage, that your mobile can receive special SMS messages, and that there are no suspicious changes (by location, network, or device) that have temporarily limited this method. Remember: if you request multiple codes, only The latest one works.
Avoid using Google Voice To receive codes. If you sign out of Voice and need a code to log in, you won't be able to access that code because it's stored within your account.
By the way, that the new functionality is compatible with Chrome OS (always talking about Smart Lock), so it is possible to unprotect a computer while being close with the phone simply by using the connectivity Bluetooth provided it's active and both devices are recognized. The point is, you gain convenience with Google's new two-step verification method, all without sacrificing security—which is the whole point.
However, the best combination today is to enable access keys and have it as backup Google notificationsa whirlpool bath, physical security key y backup codesThis reduces the risk of phishing, avoids dependence on the phone number, and guarantees access even in case of loss or occasional failures.