EMAIL - 2 Step Verification

The most common way hackers get into peoples accounts is by a leak from a poorly secured system to get an email address and password, then using that information to easily access a users email account. Ideally you should use a different password for everything.

Once they have access to your email account then they can request passwords for any website that user is registered on! Once you realise that, you’ll understand how security of your email accounts is of utmost importance.

A good article for help on choosing a strong password - http://www.bu.edu/infosec/howtos/how-to-choose-a-password/

Follow these steps to change your Gmail password

1. Log into your email with the current password
2. Click on My Account (top right hand side, where your picture is)
3. Click on Sign In and Security
4. Scroll down to password and you'll be able to change it here
5. Choose something unusual including letters, numbers and symbols

Two Step Verification:

To learn what Two Step Verification is, please see Google's simple explanation, it won't take long. https://www.google.com/landing/2step/

Basically, when you access your Gmail account from a new computer (or if Google suspects foul play) you will be asked for a code which is SMS / TXT directly to your mobile.

It's worth mentioning you don’t need to be online or in a signal area to use 2 Step. Google Authenticator mobile apps ( Android or iPhone) will also generate access codes. Interestingly, Microsoft are also using Google Authenticator app to verify Microsoft Account (Outlook/Live.com/Hotmail) two step.

In a busy email and communication environment, it is vital that everyone remains guarded at all times. Individual Boatshed businesses have the support and resources of Boatshed HQ to call on at any time if they feel that their systems may be compromised.

Enabling Google Account 2 Step Authentication

For the highest level of security we have enforced 2-step authentication. This involves authorising your various devices and computers to have access to your account. If using a device that has not been registered, then you can receive a numeric code via SMS to your mobile phone. Similar to a bank system you will need your username, password and this unique, random passcode.

Login to https://myaccount.google.com

Click Signing into Google

Then click 2-step Verification Off to start the process of enabling it

Click Getting Started

Enter your mobile phone number and continue to be guided through the process until you can Turn On.

With 2-Step now enabled for your account you have the option to be able to generate passcodes with different methods. This is especially useful if you have poor signal reception and cannot receive SMS messages easily or if you lose your mobile phone!

I recommend adding a Backup phone (an alternative safe number) or using the Google Prompt or Authenticator App. These last two let you make your own codes on demand using apps on your Android or iPhone. You could print out a list of Backup codes - but keep these very safe. If you ever lose them advise HQ and we’ll revoke your current codes.