Google is launching today two-step authentication for Google Apps Premiere, Education, and Government edition customers, with plans to bring it to all Google users in the next two months. This will give the capability to verify a person’s identity with a code sent to the user’s mobile device.
The login system that we use now is a ‘one-factor.’ Where you enter one password and you’re logged in. More secure systems, such as in banks or large businesses, often require both a password and a physical card or dongle to login. These are called ‘two-factor’ systems, because they require both your password and another key. This makes it almost impossible for a hacker to hack into your account because he probably isn’t going to have that physical token.
Google is going to use your mobile phone, to provide this sort of security.
Here’s how the two-factor verification works with Google. Before using the service, you need to activate the optional feature from your settings page. Then, the next time when you try to sign in to your Google account, you enter your user name and password as you have always been doing. Next, you’ll be brought to a screen asking for a verification code. The verification code, which is a six digit code, comes from your mobile phone, which you’ve previously linked up to your Google Account. You can get this code as a SMS, voice call or using an application called Google Authenticator, which Google has made for Android, iPhone and BlackBerry.
You will have enter this code back into your browser to gain access to your account.
These forms of two-factor authentication are still pretty rare to see but expect these modern verification systems to be more commonly used as user name and password systems go more out of vogue.