A lady recently emailed us about her hijacked Adsense account and I felt sorry for her. It always begins with a suspicious login; if only she’d had Google 2-step verification enabled.
For a very long while now, Nigeria has been conspicuously left out of the list of supported countries for Google’s 2-step verification. Really strange isn’t it? The setup process goes smoothly until you get to the phone number verification part then this screen greets you after you input your valid Nigerian phone number:
Mind you, the problem isn’t from your phone number or the format you typed it; Nigerian phone numbers just aren’t supported so no 2-step verification protection for us 🙁 .
What is 2-step verification and why do I need it?
2-step verification is a form of 2 Factor Authentication (2FA) which provides an additional layer of security (for logins to your account) by requiring that you verify / approve login requests from another device you own.
Take for example, you wish to login to your account on another (person’s) PC or mobile device. 2FA sends or generates a code / login confirmation to or on one of your personal devices so the login request is denied unless you approve it, even if the right login credentials were supplied.
This is critical for securing your account just in case your login credentials get leaked or fall into the wrong hands. I need not remind you that your Google account is one of your most important accounts / identities on the internet because its not only associated with other Google products like Gmail, Adsense etc but is linked to your login credentials on other websites either via email address + password combo or OAuth (login / signup using your Google account). The repercussion of this is that anybody who owns your email account owns a huge chunk of your online identity. Can somebody say “Identity Theft!”
As a Nigerian, how do I enable Google’s 2-step verification?
Its been quite a while that I’d discovered how to do this and now have Google’s 2-step verification enabled. By the way, I’m 100% Nigerian and based in Nigeria, no tricks used.
First , lets start with the standard / ideal procedure (for many other countries but Nigeria):
- Visit https://www.google.com/landing/2step/
- Click GET STARTED
- Sign into your Google account
- You’ll see a list of mobile devices you’re currently signed into like in the screenshot below
- Click TRY IT NOW
- You’ll get a prompt on your mobile device (ensure its not on lock screen), tap Yes
- You’ll now be redirected to the text message or phone call verification screen.
- Input your phone number and click SEND
- The journey usually ends here (Invalid number, try again) for Nigerians but others can proceed to setup
Good news for Nigerians
The good news is you can use Backup Codes as an alternative to phone call or text message in your 2-step verification setup. What you need to do is click USE ANOTHER BACKUP OPTION once you get the “Invalid number, try again” error just like in the screenshot below
You’ll be redirected to the Backup Codes page. Backup codes are one-time passcodes that you can use to sign in when you’re away from your phone. Each code can only be used once. The screenshot below (I’ve left out my backup codes for my own security) shows what this page looks like
You can either download your codes by clicking the Download button (not shown in the screenshot) or write each code out in a book for safe keeping. Once you’ve secured your codes, click Next and you’re done.
Whenever you wish to login from another device, simply enter one of the codes (you can only use each code once but can generate more) as your 2-step verification once prompted.