Signs and superstitions 

Google security code where to find. Protect your account: Google Two-Step Verification. The application is installed, but the codes from it do not work

Google Two-Step Verification

Your Google account needs enhanced protection because it is used to access your credit card information for making purchases in the Google Play app store, important messages, documents and emails, and even YouTube videos. Luckily, the tech giant implemented a two-factor authentication system back in 2010.

Google calls this system “Two-Step Verification.” This method allows you to identify a user using a mobile device. When you enable two-step verification on Google, you have several options available to you. The first option is called Google Prompt - the user simply adds his smartphone to his account and verifies that the Google search application is installed on the device. Then, when you try to log into your account, you will need to confirm on your smartphone that you are doing this personally.

If this doesn't work, you'll have to enter an additional code that will be sent to your smartphone via SMS text message, voice call, or using the Google Authenticator app. In your personal account, you can register your computer so that you do not have to enter a code each time you log in. If you have a G Suite enterprise account, you can choose to receive a code every 30 days.

Google Authenticator can generate an authentication code even if your smartphone is not connected to the Internet. You need to enable two-step verification first. The application will then scan the QR code on the desktop screen and then generate one-time passwords based on the time or counter value, which will need to be entered in the appropriate field. This method replaces text messages, voice calls, or email messages. Google Authenticator works with other services such as LastPass, Facebook, Evernote, Microsoft, Dropbox and Slack.

Once you've set up Google's two-step verification, visit your Google Account settings again. You can then set up a phone number to receive access codes, switch to using Google Authenticator, and have access to 10 backup codes that you can print out in case of emergencies (for example, your smartphone battery is low and you can't access the authentication app ).

In this interface, you can create application passwords. Let's assume that you want to use a Google account in a service that does not support standard Google authentication. If you have two-factor authentication activated, you will need the application password to use your Google account in the service.

How to enable two-factor authentication on Google

  1. Click on the profile page in the upper right corner of the screen and click on the “My Account” button.
  2. Once the account page loads, select the “Security and Login” page.
  3. In the “Password and account login method” section, select “Two-Step Verification”.
  4. At this point, if you want to make changes to the authentication procedure, Google may ask you to re-enter your password. Enter your password to continue setting up security.
  5. You can now set up two-step verification. Click the “Proceed” button.
  6. Enter your phone number. You will be able to receive text messages or phone calls to this number. Select the desired option and click “Next”.
  7. After this, you will receive an SMS message or phone call with an access code. Just enter the numbers without the “-G” prefix and click “Next”.
  8. After this, the next page will open with the message “Successful!” Do you want to enable two-step verification?” Click “Enable”.

You can then go to the 2-Step Verification setup page, where you can set up an alternative second factor in case you can't receive text messages or voice calls. Please note that the default option is to receive codes via SMS. The functionality of this method depends on your mobile operator. Moreover, this method is less secure than other available methods. Another very popular option is to use the Google Authenticator app or Google Prompt. They will also require a mobile device.

How to add Google Authenticator as a second authentication factor

  1. Install the Google Authenticator app on your mobile device
  2. Go to the Google account two-step authentication setup page and in the “Authenticator Application” panel, click the “Create” button
  3. Select the operating system of your smartphone - Android or iOS and click “Next”
  4. Open the Google Authenticator app on your mobile device and select the “Scan Barcode” option
  5. Scan the QR code that appears on your computer screen and click Next
  6. A notification “secret code saved” will appear on the mobile phone screen and a digital code will be displayed. Enter this code on your computer and click “Confirm”

How to add Google Prompt as a second authentication factor

  1. Go to the Google account two-step verification page and in the “Google Prompt” panel, click the “Add phone” button
  2. On the next screen, click “Get Started”
  3. Then select the phone linked to your Google account. Make sure your phone has the Google search app installed and is connected to the Internet. Click “Next”.
  4. In the notification that appears on your mobile phone, click the “Yes” button.
  5. Then click the “Finish” button on your computer. Google Prompt setup is complete.

How to Create a Google App Password

An app password is a 16-digit passcode that gives an app or device permission to access your Google Account. If you use two-step verification and see a “wrong password” error when you try to sign in to your Google account, an app password may solve the problem. In most cases, you'll only need to enter your app password once per app or device, so don't worry about remembering it.

  1. Click on the “application passwords” link in the “Password and login method” section of the Google account security settings page. You may be asked to sign in to your Google Account.
  2. At the bottom, select the application you are using from the drop-down list.
  3. In the next drop-down list, select the device you are using.
  4. Click the “Create” button.
  5. Follow the instructions to enter the app password (16-digit code on the yellow line) on your device.
  6. Click “Done.”

With the Google Authenticator app, you can receive codes to sign in to your account without an Internet or mobile network connection. To do this, you need to set up two-step authentication.

Requirements

Note. For work and school accounts, two-step verification may not be available. If you cannot complete the steps, contact your administrator.

To use Google Authenticator on an Android device, you need the following:

  • Android 2.1 or later

How to download the application

How to set up the application

If the code is correct, you will see a confirmation.

Otherwise try again. If you still can't generate the code, make sure your device has the correct time is set, or check out solutions to common problems.

Set up two-step verification for multiple Google accounts

With the Google Authenticator app installed on one device, you can receive codes for multiple Google accounts at once.

Good afternoon

Unfortunately, there is no way to restore one-time password generation for apps in Google Authenticator unless you thought about it in advance and took appropriate measures.

In your situation, the only thing left to do is try to gain access to applications and sites using backup methods (if such are supported), or write to support services, explain the situation and ask to restore access.

Google Authenticator Backup

There is no reservation in Google Authenticator. This application does not communicate with Google servers and does not transmit anything there. The only thing Google Authenticator can do is sync the time on your phone, since if the time is not accurate, one-time codes won't work.

If your phone is stolen or broken, Google suggests using backup codes that you need to generate and write down in advance. But, firstly, not everyone makes such backup codes. Secondly, the backup code will only restore access to your Google account. You will not be able to access all other applications that use Google Authenticator. But there is a solution, and not just one.

Methods for backing up data in Google Authenticator

Many applications and sites that use Google Authenticator offer, when activating two-factor authentication, to create a special recovery code, write it down and store it in a safe place. The method is not very reliable, since the piece of paper with the code can be lost, and not very secure, since this piece of paper can be stolen. In addition, it is also extremely inconvenient. And the main disadvantage of this method is that it is not suitable for all applications and sites, since not all of them provide the opportunity to create such code. But there are more universal ways:

1. Take screenshots of the QR codes you used to add the application to Google Authenticator. With this code, you can always add the application to Google Authenticator again or on another device. You can even use Authenticator on multiple devices at the same time. Every time you add an application, take a screenshot:

And put such screenshots in a special folder in a safe place, for example, in a personal cloud. Just in case, you can archive such a folder using a long password (30-40 characters), then even if the archive is stolen, it will not be possible to decrypt it within a reasonable time. If something happens to your phone, you can always decrypt the archive and restore the generation of codes for all applications in Google Authenticator.

2. Use another application, for example Authy. Google Authenticator is not the only, nor the most convenient, nor the most secure application for two-factor authentication; there are others. I recommend using the free Authy app:

It works exactly the same as Google Authenticator, but additionally allows you to:

  • Use multiple devices;
  • Control the number of devices with the application, prohibit the use of other devices;
  • Set up automatic backup with encryption to the cloud.

The Authy app can be found in the official app store for your platform. If you have any questions about Google Authenticator or Authy, be sure to leave a comment on this answer and I will help.

It happens that users need to set up additional security measures on their account. After all, if an attacker manages to obtain your password, this can lead to very serious consequences - the attacker will be able to send viruses, spam information on your behalf, and will also gain access to other sites that you use. Google's two-step authentication is an additional way to protect your data from hackers.

Two-factor authentication is the following: a specific verification method is tied to your Google account, so that if a hacker tries to hack, a hacker will not be able to gain full access to your account.


You can find out whether you managed to enable this protection function on the next screen.

After these steps, each time you log into your account, the system will request a code that will be sent to the specified phone number. It should be noted that after establishing protection, it becomes possible to configure additional types of verification.

Alternative authentication methods

The system allows you to configure other, additional types of authentication that can be used instead of the usual confirmation using a code.

Method 1: Notification

When you select this type of verification, when you try to log into your account, a notification from the Google service will be sent to the specified phone number.

After the above, you can log into your account by pressing one button through the notification sent.

Method 2: Backup codes

One-time codes will help if you do not have access to your phone. For this occasion, the system offers 10 different sets of numbers, thanks to which you can always log into your account.


Method 3: Google Authenticator

We hope that the article helped you and now you know how to use two-step authorization in Google.

Relatively recently, Google developers began to implement the Google Authenticator service, which speeds up and simplifies work with websites and registration processes.

This is a fairly easy-to-use application that provides the opportunity to use the full functionality of a particular site without registration.

In this article we will try to answer the question of what to do if an application is lost and how to restore access to sites in the event of a failure.

Principle of operation

This service provides two-step verification for quick access to the site where you need to register.

The service is implemented in the form of an application for mobile and some other operating systems, which must be downloaded and installed before using the authenticator.

Such an application presents the user six or eight digit code for authentication on a particular site, instead of standard credentials.

Moreover, after entering such a code, the user becomes authenticated in the system of a third-party site using his credentials from, that is, as a Google user.

Interestingly, the service is able to successfully generate such codes for third-party applications.

Important! The initial versions of applications for this service were distributed with open source code from the developer. But more and more new versions have recently become the intellectual property of the developer, that is, Google.

Why is it needed?

Why is this application needed and what does it do?

To start using, you need to download the application, install it and log in using .

After this, the application should remain running in the background.

After entering a particular site, the application will generate a special code for you, which you will need to enter on this site (a special input window will appear in the browser).

After entering the code, you are automatically authenticated on the site with your Google account data.

The site will generate a digital key, which, also fully automatically, will be saved in the application you downloaded and will be used for all subsequent logins to this site.

From everything written above, it is clear that such an application will be especially useful for those who often work with many sites that require registration to access the full functionality of the service. This application allows you not to waste time on constant registration and authentication, not to remember a lot of passwords and logins, but at the same time use the full functionality of any site.

Recovery

However, such an application stores codes generated by sites only in its memory, that is, the data is not uploaded to any servers.

Thus, they are stored only on and only as long as the corresponding application is installed on it.

It is clear that this data can be lost when the application is uninstalled, when the phone breaks down, as a result of which the operating system will need to be reinstalled, or when flashing.

Also all saved data for accessing sites may be lost if the phone physically fails or is lost.

In this case, you completely lose access to authentication data on all sites where you have authenticated using the application.

The problem is that you won’t be able to access the site any other way (only if you create a new account), you won’t be able to simply enter your Google credentials, since they will not allow you to log into the site. This is a particularly serious problem if the user has already performed quite a lot of actions in this account and needs to access the information in it.

However, some ways to return access to codes are still provided.

Basic method

You need to understand that Google does not provide absolutely any methods.

This situation arises because passwords are not transferred to the developer’s servers in order to increase the security of using the application.

But such high reliability and security creates a problem.

You will have to resolve the issue with each site individually.

You will need to write a letter to the site's Technical Support or its Administration, describing the problem.

In some cases, this may require you to create a new, empty account.

A number of sites can immediately provide you with a backup code, with which you can log into the site using Google Authenticator. But some services may require you to prove that you are the right user. In this case, you may need screenshots from this site when you were still using the account to which you lost access, screenshots from your Google account, etc., and the Administration may also require some other evidence.

However, some services refuse to provide a backup code despite any evidence.

Most often, this happens with sites where credit card information is entered or payments are made in any other way.