I've enabled two-step authentication on all of my online accounts that support it because doing so is more secure. But two-step authentication can also be a bit of a pain, and managing multiple accounts adds to the misery. Fortunately, a Microsoft app for Windows Phone 8 that generates codes for the second step of authentication also works with your Google account. And you can enable it to provide authentication codes for multiple accounts.
Confused? Welcome to the club.
Back in April, Microsoft announced that it was adding two-step authentication to its Microsoft Account. (Curiously, it has still not added this option to Office 365.) This functionality, available to Google account holders since 2011, requires you to enter two pieces of information when you access your account. The first is your password, of course. But the second is a special code that is sent to a device you have under your control. This code can be transmitted via a text message, a phone call, or can be generated by something called an authenticator app.
Microsoft makes an Authenticator app of its own for Windows Phone 8. And I've been using this app to protect my primary Microsoft account since Microsoft made it available in April. I wrote about adding two-step authentication to your Microsoft account, and using this app, in Enable and Use Two-Step Authentication with Your Microsoft Account, if you need more information.
But here's the thing. Microsoft's Authenticator app, like other similar apps, can be configured to work with multiple accounts. That means multiple Microsoft accounts, but also any other account types that work to the same security standard. Google is one such account type.
For the past couple of years, however, I've been receiving Google verification codes—the second part of the two-step authentication process—via text message. The reason is simple: Like most people, I configured it in whatever way a few years back and then never reexamined it. And what I didn't understand when Microsoft provided its own two-step authentication and Authenticator app was that you could configure the app to work with multiple accounts.
And, as is the case with most people, what prompted change was an unexpected event. Working this morning, normally, my phone suddenly buzzed with a new text message. From Google. With a two-step authentication verification code.
Now, this could mean a number of things, not all of them alarming. But one possibility is that someone actually has my account name and password, and was only stymied in breaking into my account because I had enabled two-step authentication (or, what Google calls 2-step verification). Seeing this, freezing up for a moment, I realized I had better spend at least a few minutes examining the security of my Google account. And while I did make of the expected reactionary changes around my password, recovery options, and so on, I also took the long-overdue step of switching from receiving two-step authentication verification codes via text messages. Now, I use the Authenticator app instead, as I do for my Microsoft accounts.
As noted before, this app can support multiple accounts. This means that you can add additional Microsoft accounts, which is helpful for those of us with more than one, as well as any additional third-party accounts that use the same system. Google does, but so do services like Dropbox and LastPass.
Google makes an authenticator app of its own for Android, of course, and for iOS. But I use Windows Phone, so I use Microsoft's Authenticator app.
To use this app with your Google account, open a web browser and navigate to Google Accounts. After logging in, navigate to Security and then click "Edit" next to 2-Step Verification. On the Verification Codes tab, choose the app (not SMS/Voice) option and then pick Android from the list. (It doesn't matter which phone type you choose.)
On your Windows Phone, open Authenticator and tap the Add ("+") button on the app bar at the bottom of the screen to add an account. Then, tap the Camera button at the bottom and scan the QR code that Google is displaying on your PC's web browser. This will configure your Google account to use Authenticator to generate codes for two-step authentication.
Now, when you're prompted to enter a verification code by Google, you can use the code generated by the Authenticator app.
And while you're at it, be sure to add any other accounts that support this feature to the Authenticator app as well. Then go forth and be secure.
