Security on the Internet is something for everyone to be aware of, especially attorneys. You can go overboard being worried about security, but whenever there are simple methods that you can undertake to enhance security, that seems like a good thing.
Mississippi attorney Tom Freeland recently wrote me to pass along a security tip to help guard against unauthorized access to your Google accounts such as Gmail. He writes:
Google has a new-ish two step verification process for greatly enhancing the security of Gmail. The easiest way to do it is with an iPhone app called Google Authenticator. As you go through the (roughly 15 minute) process, the website generates a thing that looks like a bar-code. You view that with the iPhone app and then the app generates a verification number. You enter that number into Gmail, it’s good for 30 days, and you go from there on using your regular password.
If you have ever used a SecureID fob, then you know what two-step verification is. The idea is that you verify that you are who you say you are using two methods (1) providing some information that only you should know (your password) and (2) using something that only you should have, such as a SecureID fob or in this case your iPhone which is generating a unique password using the Google Authenticator app. Even if a “bad guy” somehow learns or guesses your password, he still could not access your account without the code generated by the iPhone that you have. Tom writes a little more about the process on his blog and you can get even more information in this post by Google.
The whole thing took me far less than 15 minutes, more like five minutes really. Once you have it configured, you can either require the code generated by the app in addition to your password every time that you log in, or you can allow Google to remember your password for 30 days, and then after that you enter the code generated by the iPhone app again for anothe 30 days. For example, when I access the Gmail website on my iPhone, I am first asked to enter my Gmail ID and password, and then I see this screen:
Every time you access a Google service from a new computer (or iPhone or iPad etc.), you need to provide not only your password, but also that code generated by the Google Authenticator app. Thus, even if someone across the world manages to detemine your password, he still cannot access your account from that computer without your iPhone.
Using the Google Authenticator app is easy and relatively painless, and it adds an extra level of security to your Google account and Google services such as Gmail. Consider giving it a try.
Click here to get Google Authenticator (free): 
Just don’t do Google “two-step verification” it screws up many third-party applications and they don’t warn you in advance! You discover when you try to use them. I wish I hadn’t! My iPhone suddenly would not sync with Gmail, I cannot upload to Picasa Web Albums, I cannot upload photos to Facebook! I also put in the “application-specific password” for Gmail, still no mail. Strangely, my iPhone has aslo been sucking battery since I did two-step verification, battery now only lasts 1/2 – 3/4 day now like it is working constantly trying to do something. I don’t have hours to troubleshoot all the thing this affects, I need things to work. Caveat– Google “Two-Step Verification”!
I echo Marty’s concerns – especially regarding iPhone battery draining.
After setting-up google 2-step verification my iPhone battery lasts about a half a day. Prior to this the battery would last well over a day! I need to find a way to “undo” this security feature!
Hi Calli,
Did you get any additional information about the battery being drained?
Isn’t it just the Google Authenticator app that continues to do some work, even in the background?
The app known as “Google Authenticator” is not “found in app store”! Really? So after setting up on my PC, I can’t access my gmail (primary account) from my iPhone. Based on what the two people wrote above, it’s probably a good thing. C ya, Google. Just the last straw in a series of F ups by the once wonderful search engine company that is now “one of them”.
That app is only temporarily unavailable. Google released an update yesterday that had a bug in it, so I believe they are now fixing it and will re-release it.