docwhat's avatardocwhat's blog

PSA: Turn on 2-step verification in Google

If you use any Google services (GMail, GTalk, etc.) and you care even a little bit about the data in that account, then you should turn on 2-step verification.

If you need a story to explain why you need this, the check out this story by James Follow as he recounts how his wife’s account was hacked (This is an article from The Atlantic).

When she looked at her Inbox, and her Archives, and even the Trash and Spam folders in her account, she found---absolutely nothing. Of her allocated 7 gigabytes of storage, 0.0 gigabytes were in use, versus the 4+ gigabytes shown the day before. Six years’ worth of correspondence and everything that went with it were gone. All the notes, interviews, recollections, and attached photos from our years of traveling through China. All the correspondence with and about her father in the last years of his life. The planning for our sons’ weddings; the exchanges she’d had with subjects, editors, and readers of her recent book; the accounting information for her projects; the travel arrangements and appointments she had for tomorrow and next week and next month; much of the incidental-expense data for the income-tax return I was about to file---all of this had been erased. It had not just been put in the “Trash” folder but permanently deleted.

It’s almost like a modern day camp-fire ghost story; it sent shivers up and down my spine.

I regularly backup my GMail account (and copies of my calendar and contacts are stored on my computer, phone, etc.) but having someone going through my emails wouldn’t make me happy.

So go and enable 2-step verification. It’s not perfect but it will lower the odds of you having your own horror story to tell.


Edit on GitHub