How to configure Google’s two-step authentication

Wired writer Mat Honan fell victim to a brutal hack over the weekend. Through misplaced ingenuity and a smidgen of social engineering, hackers gained access to his iCloud account and wiped his iPhone, iPad, and Mac drives clean. The actual attack involved breaking into Honan’s Amazon account, and then using information found there to break into his iCloud account. Things only got worse from there,” Lex Friedman reports for Macworld.

“Amazon and Apple clearly need to institute security policy changes to better protect their users. And Honan made mistakes of his own, most notably not backing up his Mac regularly. But the hackers’ initial entry point into Honan’s digital life was through, of all things, the ‘forgot password’ functionality offered by Gmail,” Friedman reports. “When they first plunked Honan’s email address into that form, Gmail displayed a redacted version of Honan’s MobileMe account: m•••• Honan has plenty of ‘if only’s’ on his mind, but one biggie—to quote Honan’s story for Wired, is this: If he ‘had used two-factor authentication for Gmail, everything would have stopped here.'”

How to configure Google’s two-step authentication (and who to fix everything Google’s two-step authentication breaks) in the full article here.

See also, Adrian Covert’s “9 Things You Absolutely Must Do to Keep Your Online Identity Secure” via Gizmodo here.

Related article:
Apple responds to iCloud hack: Our internal policies were not followed completely – August 7, 2012


  1. The G word has 2 step authentication … as is now pushing it via web page notifications to its users. This is a good thing … and it’s causing many people like myself to review their passwords in other prominent places and change the passwords.

    G have made it easy to not have the same email password – at least for Gmail on two different client programs. My desktop and my iPhone now have separate Gmail passwords. And the tipper is I don’t even need and shouldn’t know them.

  2. Google’s 2 step thing isn’t two steps. For every non-google device or program, you have to create a special password. So instead of one password, you could end up with one for your mail app on your computer, one for your phone, one for your ipad, one for youtube app, etc. Pain in the butt.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.