Another week, another story of hackers stealing millions of passwords.
But sometimes it’s the things you do to protect yourself that can foul you up.
I was recently travelling on a business trip, holed up in a location that didn’t have cell reception.
I plugged my computer into the available Ethernet network. Not usually a problem. Google, trying to protect me, noticed I was on a new network and locked me out of my email, calendar, and contacts. It wanted me to type in a special code to verify my password.
A common recommendation to keep your password safe from hackers is to use what’s known as two-factor authentication. The website will send you a one-time code to use with your regular login. Companies using Google can even make this a mandatory security setting for all employees.
It’s a great idea, unless you have no backup plan for when it goes wrong.
When I turned on two-factor authentication, I chose the easiest options: to have Google text my special code to my mobile and to use my husband’s phone as my backup.
When I tried to access my Gmail that day, I had no cell reception and couldn’t get a text. And I couldn’t call my husband and get him to text me a code sent to him.
To its credit, Google has thought of these problems (unknown to me at the time; I had been using two-step for more than a year without any problems).
It offers the Google Authenticator app that generates the codes on your phone. It works even when the phone is in aeroplane mode.
But, the app won’t help you if you lose your phone.
Google has a solution for that, too. You can use preapproved codes as long as you download them in advance. (A step that I didn’t do.)
Google also warns people not use a Google Voice number with two-step verification, or you could lock yourself out completely. Google will be asking for a code that is shut away in your Google voice account.
Next time I travel, I’ll be ready.