Two-step verification protected millions of Google users. It can help you, too.

Last year, Google auto-enrolled about 150 million users and 2 million YouTube creators in the company’s 2-step verification (2SV) tool. Earlier this week, Google reported a 50 percent decrease in compromised accounts among those users compared to those without 2SV enabled. 

“This decrease speaks volumes to how effective having a second form of verification can be in protecting your data and personal information,” Guemmy Kim, Google’s director of account security and safety, wrote in a press release Tuesday. In 2018, less than 10 percent of active Gmail users were signed up for 2SV, according to The Register. In May 2021, Google announced it would start enrolling some users in 2SV.

2SV, and the similar protection called two-factor authentication (2FA), are tools to keep your accounts secure beyond just using a password. As their names suggest, you need two steps or types of information to log in to your account. The first step or factor is usually putting in your password. In 2SV, the second “step” can be similar to inputting a password, such as inputting a code sent to you by text. In 2FA, you are required to use a second, distinct “factor” like approving a notification from a 2FA app or using a USB security key or another physical token. 

If hackers enter your password but don’t have access to the second factor or step, they cannot get into your account. Many 2FA or 2SV websites and services will then alert you that someone has attempted to access your account. 

Why are 2FA and 2SV important?

While 2FA and 2SV don’t make it impossible to hack into your account, they do make it a lot harder. Phones and phone numbers can be stolen, and only using a password makes you vulnerable to the rising number of data hacks, breaches, and leaks that happen every year. 

Last year, 293,927,708 people across the United States had their data breached, and data compromises hit an all-time high in 2021, according to the Identity Theft Resource Center. There were 1,862 mass-data compromises, which is 68 percent more than in 2020 and 23 percent more than the previous all-time high in 2017. 

Mass-data compromises don’t only make your account associated with a breached website or service vulnerable–any other account that uses the same login credentials is at risk too. That is why it’s important to sign up for 2FA or 2SV, choose strong passwords, use each password only once, and get a password manager. 

How do I set up 2FA and 2SV?

To set up 2SV on your Google account, complete the following steps:

1. Open your Google Account.
2. In the navigation panel, select “Security.”
3. Under “Signing in to Google,” select 2-Step Verification and click “Get started.” (You might be prompted to re-log into your account.)
4. Follow the on-screen steps.

You can even scroll down to add trusted devices where 2SV isn’t required. Outside of Google, you can set up  2FA or 2SV on websites and apps such as Facebook, PayPal, Amazon, and many banks. For websites that don’t offer 2FA or 2SV, you can download a code generator app like Google Authenticator, AndOTP, and Authy.