Doing the Two-Step

Little by little, Google is taking over my life. And I let them, in exchange for the services they provide.

I’ve used Gmail for a long time. I also have a Comcast email address or three, but they are used less and less often, and now act mostly as spam catchers.

Google knows
• every Google search I’ve ever done, every search result I’ve clicked on
• every location I’ve ever looked up on Google Maps
• every YouTube video I’ve ever watched or searched for

Google knows my whereabouts and keeps track of my most visited locations. Google has my phone number, which means that Google can now track me in realtime. And I’m okay with that.

I’m now on my second Android smartphone (the incredible HTC 10, thankyouverymuch), and HTC has jettisoned its own proprietary apps in favor of established Google apps, so now Google is intimately involved with my everyday life.

Google knows me probably better than anyone.

And now, finally, I see that my bank has joined the list of institutions working with Android Pay! I happily scanned in my credit card, entered all information, and I can make small purchases just by holding my phone near a pay terminal.

So now money is involved

And that means that NOW I have set up Two-Step Verification for my Google account.

I log in using my usual username and password, but now there’s an extra step involved in accessing my account.

Authenticator

First I set up a code generator. I downloaded Google Authenticator to my phone, and this generates a random 6-digit code every 20 seconds or so. I have to enter this code when asked, if I want to get into my account. Not as much of a pain as it sounds…

random_code

You can “authenticate” devices and computers. Basically, I said that I use this smartphone all the time, so don’t ask me for verification on this device. I can also do that with computers or other devices that I normally use.

As an alternate method of verification, if I use a strange computer, I get a pop-up on my phone that says something like, “Is this you?” Tapping YES on my phone allows me to use the strange computer.

Bottom line, no one is going to get into my Google account now. Unless they steal my phone, of course. But in order to unlock my phone, they have to guess my PIN or cut off my thumb for the fingerprint scanner.

And that’s a lot of trouble to go through in order to steal the $20.00 that’s available on my credit card.

Oh. In order to use Two-Step Verification and Android Pay, I agreed to use a “locked” smartphone. This was a royal pain on my last phone, so I never used to lock the thing. On the HTC 10, though, I use the fingerprint scan (either thumb) to unlock the phone, and it takes all of 0.6 seconds. Takes even less time if I pick up the phone the right way! So having the phone lock is no longer an issue. In fact, a quick press of the power button turns off the display and locks the phone immediately. Then a simple thumb press on the scanner turns it back on, unlocked.

Very cool.

I feel much better now.