Twitter  Columbia University’s student newspaper plans to stop printing a daily paper starting this fall nie.mn/1hpv31Y  
Nieman Journalism Lab
Pushing to the future of journalism — A project of the Nieman Foundation at Harvard

Sorry, hackers! Google now offers layered account security

Attention, journalists who keep your lives inside your smartphones: Starting today, Google Account users with mobile devices have the option of adding an extra layer of security to the Google sign-in process. Google has added a second verification step — the kind you might see, for example, with online banking and other sites that facilitate sensitive web transactions — to access Gmail, Google Docs, and other Google services. (It’s an expansion of the two-factor authentication system Google rolled out to its Google Apps users back in September.) 

Two-step verification requires you to provide two separate passwords, rather than just the one, before you can access your account: your self-generated password, plus a Google-generated code that’s obtained using your phone. The idea is to tie information security to a physical, mobile device — so that, even if your account gets hacked, your info will stay secure.

Particularly for Google account-using journalists, who trade in sensitive information even more than your average user, investing in the extra security layer could prove especially important. Journos, here and abroad, don’t just have their own info to protect; they have their sources’. As Sean Carlson, Google’s manager of news industry relations, told me in an email: “We hope this feature helps journalists better protect their private information.”

For those of you who still use passwords like, you know, “password” — or who, more likely, reuse the same password across various accounts (or who, for that matter, have commented on Gawker) — the extra security option could be invaluable. As Google engineer Matt Cutts put it in a tweet this afternoon: “*Everyone* should do this.”

                                   
What to read next
hilogo
Justin Ellis    April 23, 2014
“It feels like it’s a really nourishing and optimistic time to have conversations with publishers and to rethink how media should look online.”
  • http://digitalize.ca Mo Jangda

    What happens if I lose my phone? They seem to have left that part out…

  • http://www.mattcutts.com/blog/ Matt Cutts

    Mo, good question. The answer is that you can also print out a set of ~10 one-time codes and put them in your wallet in case you lose your phone or don’t have it with you.

  • Graham Webster

    This is great so long as your threat profile doesn’t include people with access to phone company surveillance. I’m thinking of state-owned telecom companies in authoritarian countries.

  • http://sljonesdigital.com SLJonesDigital

    Password: password
    GeneratedPW: password

    … I’m in!