Re: [Gmail-Users] 2-Step Verification

[Kenneth Ayers]

I remember texting with older LG phones. To get the "a" you'd click once, "b" would require a quick double-click, etc. That's how we all used to text until phones evolved to include a regular keyboard type keypad.

I'm almost certain you could receive a text message if you set it up in 2 step verification. And I'm not sure that Verizon still has plans that charge for texting. 

On Sun, Jul 19, 2015 at 12:58 AM, DEP/Dodo <depf...@gmail.com> wrote:

Yes, there are letters, but it's like a telephone keypad.  For ex., "2" has the letters "a," "b," and "c."

Well, I thought it was a text msg. for which I was charged (Verizon reversed it).  I cancelled something at the time.

~Diane

On Sun, Jul 19, 2015 at 12:47 AM, Marko Vukovic <marko....@gmail.com> wrote:

Interesting, no letters even below the numbers? I can't think that you would be charged for receiving a text (SMS). Sending yes, but receiving no.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

About 45 mins. ago, Kenneth, I actually tried to verify my cell phone number as I had my landline.  I updated the number with my cell #, selected "Use other number," and had the same results--nothing, which I expected since texting is turned off.  I think I will call Verizon and look into this.

[Marko Vukovic]

On Sun, Jul 19, 2015 at 9:58 AM, DEP/Dodo <depf...@gmail.com> wrote:

Yes, there are letters, but it's like a telephone keypad.  For ex., "2" has the letters "a," "b," and "c."

Well, I thought it was a text msg. for which I was charged (Verizon reversed it).  I cancelled something at the time.

​Yes I'm 100% sure your 9 year old phone is SMS capable. I didn't know one could actually cancel SMS​.

I would definitely look into re-enabling that, it is certainly far less tedious and probably much more reliable than having to receive an automated landline call.

--

Marko

[DEP/Dodo]

​Between its being very late here in CA with little sleep the night before and because I don't fully understand about recovery phones, etc., I now don't know what I meant other than for me, when I signed up for 2-step verif. on one particular computer, I was going to use only the first layer of protection (password).  I understood that when I, or anyone else, tried to access my account from another computer, a verif. code would also be required.  I also understood that the verif. code would be sent to be via my landline phone number or cellphone.  However, neither can be verified.  I have been told that the verif. code comes by way of an SMS, which requires texting capability.  Here is where I now realize I am confused.  I am mixing this up (getting verif. codes) with verifying my landline or cell numbers in case I have problems with my Google account.  Don't I need verification of either or both phones for both purposes?  

I have to stop now because my brain is spaghetti.

~D.

On Sun, Jul 19, 2015 at 12:46 AM, Kenneth Ayers <justk...@gmail.com> wrote:

You say that you don't recall saying that you don't need account recovery options.  I must have misunderstood what you meant when you said "It was also my plan to opt only for the step that requires me to input my password.  Therefore, that makes moot my concern about having an alternate e-mail account for recovery purposes.  Or does it?"

[DEP/Dodo]

Again, Marko, I am not receiving calls from Google on either phone.  I'm supposed to be able to receive verif. codes via voice call:

(You'll need verification codes:  After entering your password, you'll enter a code that you'll get via text, voice call, or our mobile app.) 

Also:  "Google can call your cell or landline phone with your verification code."

I am assuming when I call Verizon it will have records on what it was I cancelled so long ago.  That would assuage my curiosity, if nothing else.  And, of course, I will look into texting since voice call isn't working.

In my previous post to Kenneth, I admitted my confusion between verifying phone numbers and account recovery.  What is the "account recovery options setup"?  I clearly am the one misunderstanding all this, which is why I can't remember what I said to Kenneth when I thought he was misunderstanding me.  How are recovery options protective if a hacker has successfully gotten into a Google account and has access to everything?

​

~Diane

On Sun, Jul 19, 2015 at 1:29 AM, Marko Vukovic <marko....@gmail.com> wrote:

​Yes I'm 100% sure your 9 year old phone is SMS capable. I didn't know one could actually cancel SMS​.

I would definitely look into re-enabling that, it is certainly far less tedious and probably much more reliable than having to receive an automated landline call.

​  Which is not happening via landline or cell!​

--

Marko

[Marko Vukovic]

On Sun, Jul 19, 2015 at 11:22 AM, DEP/Dodo <depf...@gmail.com> wrote:

Again, Marko, I am not receiving calls from Google on either phone.  I'm supposed to be able to receive verif. codes via voice call:

​I'm assuming you did specify 'Voice call' as per https://support.google.com/accounts/answer/6051686​

--

Marko

[DEP/Dodo]

Interesting comment on your part, Marko.  No, I haven't tried to change how I receive verification codes because I haven't yet set up 2-step verif. pending what has been going on up to now (rather, what has not been going on!).  Specifically, I haven't been able to verify my phone of choice, my landline number, for account recovery.  This apparently requires SMS.   I thought this same verification was also necessary prior to and in order to get the codes for 2-step verif. after that was set up.  Remember how I mentioned a few hours ago how confused I was on these two topics?  So the link you have provided me intrigues me and adds to my confusion.

You may recall we (you and I) have discussed previously within this (long) thread about 2-step verif. for selected computers since we both also have computers which are "reasonably secure" (your words).  The computer I have in mind is one I use at home ("reasonably secure" there?) and take with me when I want to use Gmail away from home.  So far, this particular computer has remained secure when I use wi-fi.  But since it is the most vulnerable because of wi-fi or even using offline Gmail (I guess), this was the one I was going to set up for 2-step verif.  

Because of my confusion, part of me is saying leave things as they are ("If it ain't broke, don't fix it"); the other part thinks 2-step verif. is ideal for that one computer.  Then, throw in my confusion between account recovery phone verif. and getting verif. codes, which has led to my confusion about whether I need texting capability, and I am holding off doing anything until/unless I get un-confused.  That's what I'm relying on you and the others for. 

~Diane

[Kenneth Ayers]

2 step verification is to protect your account. It's not computer/device specific. Once enabled, you have 2 step verification setup for any computer/device at which you or someone else may attempt to login.

So for your own computer, you'd enter the verification code once and then select, when prompted, not to require codes anymore on that computer. Or you can keep requiring codes on your own computer if you fear what might happen if it's stolen.

I recommend that you not use 2 step verification until you confirm your phone can actually receive text messages. You don't want to risk getting locked out of your own account.

Why not ask someone you know who is able to text from their phone to attempt to send you a text message?  See if you get anything. I remember a while back my mother-in-law would always say that she couldn't text from her phone. I felt certain though that she could receive texts if sent so I tried texting her. She got the text.  She called me to tell me she got the text but at least she was receiving them even if she hadn't figured out yet how to send them.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

As always, thank you, Kenneth.  (Are you a teacher or former teacher?  I ask for a coule of reasons.)

Please see comments embedded below in bold.

~Diane

On Sun, Jul 19, 2015 at 5:52 PM, Kenneth Ayers <justk...@gmail.com> wrote:

2 step verification is to protect your account. It's not computer/device specific. Once enabled, you have 2 step verification setup for any computer/device at which you or someone else may attempt to login.

​  Ah, another area of confusion.  My understanding is that 2-step verif. has to be set up on each computer I want that protection on:  

​

​​

During sign-in, you can tell us to remember

​​

that particular computer. From then on,

​​

when you sign in to

​​

that computer, we’ll just ask for your password.

You'll still be covered, because when you or anyone else tries to sign in to your account

​​

from another computer, a verification code or a Security Key will be required.

​(my emphasis)​

​

​So I need to ask you:  Don't I set up 2-step verif. on just the particular computer I will be using away from home (per the words above, "that particular computer")?  And if I or anyone else tries to sign into my Google account/Gmail from any other computer, we will be blocked w/o a code?  Oh!  "Aha moment"!  That would mean I would have to go through ​2-step verif. on my other computers that remain at home when trying to access my account!  (Obviously, so would a hacker on his/her computer.)  And if I don't want to use verif. codes, each time I log into my account/Gmail, I (but not a hacker) can opt to input my password only?  Would this apply on just that one computer or have to be set up as well my other ones that remain at home?  (Note the confusion returning.)  Finally, as was mentioned earlier, I seldom have to log into my account to get to Gmail; it's virtually never.  However, as you've previously mentioned, if a hacker does manage to get into my account, he/she could really mess things up, including my password.  Hence, account recovery and back to the issue of no texting capability.

I would appreciate your setting me straight where needed.

At this specific moment, my impulse is to just stay with the status quo, because I am not going to change my texting inability.  And, therefore, I cannot have account recovery.  

Sorry if I am causing you to have a headache.  

~D.

So for your own computer, you'd enter the verification code once and then select, when prompted, not to require codes anymore on that computer. Or you can keep requiring codes on your own computer if you fear what might happen if it's stolen.

I recommend that you not use 2 step verification until you confirm your phone can actually receive text messages. You don't want to risk getting locked out of your own account.

​  Here is where I am (was?) confused.  Per the link Marko sent, voice calls can be selected to receive verif. codes when using 2-step veif.  However, I believe you are referring to account recovery, which apparently requires text messaging, and you suggest doing this prior to setting up or using 2-step verif.  My question to you is:  How does one input the info necesary to set up for account recovery?  Isn't that already done in "Personal info & privacy"?  That section is where I ran into the problem of not being able to verify my landline or cell phone because neither has texting capability. ​

Why not ask someone you know who is able to text from their phone to attempt to send you a text message?  See if you get anything. I remember a while back my mother-in-law would always say that she couldn't text from her phone. I felt certain though that she could receive texts if sent so I tried texting her. She got the text.  She called me to tell me she got the text but at least she was receiving them even if she hadn't figured out yet how to send them.

​  I will not get anything.  Verizon confirmed that I cancelled text messaging capability 10 years ago (yay for my memory!).  In order to reinstate it, I would have to go with a new plan and leave the amazing one ​I have been grandfathered into.  Not gonna do it.  Is there no other way to effect account recovery in the event of being hacked?

[Kenneth Ayers]

Diane,

No, you don't setup 2 step verification on just the particular computer you will be using away from home. That's too impractical. The world is full of computers and you can't run around setting up 2 step verification on them all.  Certainly the hacker on the other side of the world who has stolen your password somehow will be able to login to your account using his own computer before you can break down the doors to his hacker's lair and setup the 2 step verification there as well.

I exaggerate but I hope this clarifies the point.  2 step verification is NOT something you setup on each computer you may use. Rather, 2 step verification is something you enable on your account itself.  It is then instantly in effect on all computers and devices worldwide. No one, neither your nor anyone else, can then login to your account anywhere on earth without entering the verification code. 

But now it comes to the point where I think you're getting confused. Your account is now protected everywhere but if you're reasonably certain that the computer in your own locked home is unlikely to be stolen by someone who also knows your password, you may opt to let Google know that you're willing to relax the security on that particular computer and not require verification codes there in the future. You'd still have to enter a verification code for that computer at least once but you can then select to let Google know that you don't want to be asked for verification codes there anymore. 2 step verification is still in effect for your account, not disabled in any way, it's just that Google will allow you to make your own computer exempt from requiring verification codes at login.

I hope this helps. As for your Verizon account, without text messaging it seems to be to be an amazingly bad plan. The world has changed too much to stay with a non-texting plan. You say your phone does everything you want and need and yet, based on this discussion, that doesn't appear to be true.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

You are correct about my confusion, Kenneth.  I can't even articulate what I'm still not "getting."  One way to get around this is bite the bullet and activate 2-step verif. and see directly how it works.  This seems doable because I understand I can subsequently cancel this protection if I choose.  Let me try clarifying (again) something:  Let's say I activate 2-step on my Computer A.  Whenever I log into Gmail or some other Google-related program from that computer (A) or my Computer B or my Computer C or a friend's computer, each time I will be required to input my password and a verification code?  I can also subsequently opt to not receive a verif. code but use only my password, and this would need to be done one time from each computer I access to get into Google?  (Again, I could learn the answers to this by just turning on 2-step, but I'm not that brave--yet.)

You mentioned "the computer in [my] own locked home."  My own computer safely at home does not guarantee it can't be hacked.  If I relax the security on any/all of my computers in my locked home, the hacker still has to deal with both steps of verification, correct?

Thank you for your patience!

~Diane

[Kenneth Ayers]

On Sun, Jul 19, 2015 at 8:39 PM, DEP/Dodo <depf...@gmail.com> wrote:

You are correct about my confusion, Kenneth.  I can't even articulate what I'm still not "getting."  One way to get around this is bite the bullet and activate 2-step verif. and see directly how it works. 

No, you can't bite the bullet and activate 2 step verification because you have no way of receiving verification codes. You need to solve that before you can do anything else. Verizon has plans with free text messaging. In fact I think all their plans have free text messaging. The plan you were grandfathered into sounds like some archaic and obsolete plan and it's holding you back. You need to put that plan to rest.

 

This seems doable because I understand I can subsequently cancel this protection if I choose. 

Yes, you can turn off 2 step verification at any time.  

 

Let me try clarifying (again) something:  Let's say I activate 2-step on my Computer A. 

Maybe just semantics, but you don't activate 2 step verification on Computer A. You activate it on your Google account. You may be typing from Computer A when you activate it but it establishes 2 step verification on your account which affects any future login attempt at Computer A or B or anywhere else.

Whenever I log into Gmail or some other Google-related program from that computer (A) or my Computer B or my Computer C or a friend's computer, each time I will be required to input my password and a verification code? 

Not necessarily each time but at least the first time. If you then tell Google not to require verification codes anymore from whichever computer you're logging in at, then it will no longer be required from that computer. But if you don't exempt a computer from requiring verification codes then, yes, each login attempt at that computer will require verification codes.

 

I can also subsequently opt to not receive a verif. code but use only my password, and this would need to be done one time from each computer I access to get into Google?  (Again, I could learn the answers to this by just turning on 2-step, but I'm not that brave--yet.)

Yes. the exemption from verification codes would need to be granted one time from each computer for which you want to grant that exemption. 

Actually this exemption may not be eternal. If Google believes that suspicious activity is occurring somewhere in the world with your account or perhaps not your account specifically but just an increased threat level in general, Google may decide to once again make you re-enter verification codes on computers for which you've already granted the verification exemption. So then you'd just need to enter a verification code again on the computer you had already trusted and then, again, tell Google not to require codes anymore on that computer. It may be a nuisance but it's for your protection.

 

You mentioned "the computer in [my] own locked home."  My own computer safely at home does not guarantee it can't be hacked.  If I relax the security on any/all of my computers in my locked home, the hacker still has to deal with both steps of verification, correct?

No, if you relax the security for a particular computer so that only passwords are required then only passwords are required for that particular computer. 

 

Thank you for your patience!

~Diane

On Sun, Jul 19, 2015 at 7:37 PM, Kenneth Ayers <justk...@gmail.com> wrote:

But now it comes to the point where I think you're getting confused. Your account is now protected everywhere but if you're reasonably certain that the computer in your own locked home is unlikely to be stolen by someone who also knows your password, you may opt to let Google know that you're willing to relax the security on that particular computer and not require verification codes there in the future. You'd still have to enter a verification code for that computer at least once but you can then select to let Google know that you don't want to be asked for verification codes there anymore. 2 step verification is still in effect for your account, not disabled in any way, it's just that Google will allow you to make your own computer exempt from requiring verification codes at login.

--
You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

As before, please see below.  Once this topic is laid to rest, we both deserve the benefits of the graphic!

~Diane

On Sun, Jul 19, 2015 at 9:19 PM, Kenneth Ayers <justk...@gmail.com> wrote:

No, you can't bite the bullet and activate 2 step verification because you have no way of receiving verification codes. You need to solve that before you can do anything else.

​  Perhaps you missed the message Marko sent me earlier today:

​

​I'm assuming you did specify 'Voice call' as per https://support.google.com/accounts/answer/6051686​​

 

​ See the screen shot again.​

​  I believe I included it once before.​

 

​

Verizon has plans with free text messaging. In fact I think all their plans have free text messaging. The plan you were grandfathered into sounds like some archaic and obsolete plan and it's holding you back. You need to put that plan to rest.

​  It is doing exactly what I want.  Holding me back from 2-step verif. is not sufficient for me to change plans.  The Verizon rep I spoke to said each text msg. was 20 cents regardless of plan.​

 

This seems doable because I understand I can subsequently cancel this protection if I choose. 

Yes, you can turn off 2 step verification at any time.  

 

Let me try clarifying (again) something:  Let's say I activate 2-step on my Computer A. 

Maybe just semantics, but you don't activate 2 step verification on Computer A. You activate it on your Google account.

​  Okay, "via" Computer A is what I meant.  ​

​

​

You may be typing from Computer A when you activate it but it establishes 2 step verification on your account which affects any future login attempt at Computer A or B or anywhere else.

​  Gottit.​

Whenever I log into Gmail or some other Google-related program from that computer (A) or my Computer B or my Computer C or a friend's computer, each time I will be required to input my password and a verification code? 

Not necessarily each time but at least the first time.

​  Yes.​

​  My question was based upon not yet opting out of verif. codes. ​

If you then tell Google not to require verification codes anymore from whichever computer you're logging in at, then it will no longer be required from that computer. But if you don't exempt a computer from requiring verification codes then, yes, each login attempt at that computer will require verification codes.

 

I can also subsequently opt to not receive a verif. code but use only my password, and this would need to be done one time from each computer I access to get into Google?  (Again, I could learn the answers to this by just turning on 2-step, but I'm not that brave--yet.)

Yes. the exemption from verification codes would need to be granted one time from each computer for which you want to grant that exemption. 

Actually this exemption may not be eternal. If Google believes that suspicious activity is occurring somewhere in the world with your account or perhaps not your account specifically but just an increased threat level in general, Google may decide to once again make you re-enter verification codes on computers for which you've already granted the verification exemption. So then you'd just need to enter a verification code again on the computer you had already trusted and then, again, tell Google not to require codes anymore on that computer. It may be a nuisance but it's for your protection.

​  Understood.

 

You mentioned "the computer in [my] own locked home."  My own computer safely at home does not guarantee it can't be hacked.  If I relax the security on any/all of my computers in my locked home, the hacker still has to deal with both steps of verification, correct?

No, if you relax the security for a particular computer so that only passwords are required then only passwords are required for that particular computer.

​  ??  I meant in my question a hacker using a computer in some other country, not one gaining access to my computer.  Then both steps of verif. would be needed by this person.  Is that correct?  

 

​~Diane​

 

    ​

 

 

[DEP/Dodo]

As you can see from my previous message, Kenneth, and as I tried to articulate earlier, verification codes can be sent to my landline via voice call.  It seems to be account recovery information that is sent via text.  I have recovery e-mail, however.

~Diane

[DEP/Dodo]

​And, as indicated, this is not holding me back from 2-step verification.​

On Sun, Jul 19, 2015 at 10:22 PM, DEP/Dodo <depf...@gmail.com> wrote:

Holding me back from 2-step verif. is not sufficient for me to change plans. 

~Diane

[Kenneth Ayers]

On Sun, Jul 19, 2015 at 10:22 PM, DEP/Dodo <depf...@gmail.com> wrote:

​

Verizon has plans with free text messaging. In fact I think all their plans have free text messaging. The plan you were grandfathered into sounds like some archaic and obsolete plan and it's holding you back. You need to put that plan to rest.

​  It is doing exactly what I want.  Holding me back from 2-step verif. is not sufficient for me to change plans.  The Verizon rep I spoke to said each text msg. was 20 cents regardless of plan.​

The More Everything plans offer unlimited talk and text. But if you can receive verification codes via phone call from Google then you may be able to proceed.

 

I meant in my question a hacker using a computer in some other country, not one gaining access to my computer.  Then both steps of verif. would be needed by this person.  Is that correct?  

 

Yes, exempting your own computer exempts your own computer. The hackers computer would not also be exempted.

 

​~Diane​

 

    ​

 

 

[Marko Vukovic]

Hi Diane

If you go to this link (reached by clicking on my avatar, then 'My Account', then 'Security Checkup'), is your landline listed there?

On mine it has a verified cellphone and a 2nd, unverified one (indicated by the red triangle with a 'bang'). If I select the latter and click 'Next', it says it will verify by sending an SMS.

This leads me to believe that a cellphone is required for the account recovery option. I would say then at least in the meantime, use an alternate email and a security question.

Don't be confused though, none of the above has anything to do with 2-step verification 😜, it is just a good idea to have recovery options before you start.

Now, re. 2-step, it would seem that unlike the above, Google does support voice calling to a landline. I would therefore suggest that once you have done the above, turn on 2-step and give it a try.
You can then disable it for those devices you feel are secure. If you don't like it after all, just turn it off.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

Hi, Marko.  Welcome back to this discussion.  Starting with your second paragraph, that is what I have found.  My landline home phone shows as my account recovery phone (with a red triangle to the right and a white exclamation mark (!) within, apparently what you refer to as a "bang."  It cannot be verified because it requires being sent an SMS with a verif. code.  ("To make sure everything works, we'll send you an SMS with a verification code.")  As has been mentioned, I have no texting capability.  I found the phone number and triangle via my "Your personal information."

​In your first paragraph, what link?  Clicking on your picture (avatar?) did nothing, but hovering did.  See screen shot.   I don't see "My Account" or "Security Checkup."  And why would my landline be listed there?  Or, more likely, what am I misunderstanding?

​As I also have mentioned previously, I have a recovery e-mail address listed in "Your personal information."  I have set it up so messages sent to that recovery e-dress (which ends in sbcglobal.net)​ reach me at my Gmail account.  I don't want that changed.  However, within all the experimenting I've been doing, I have found that sbcglobal.com messages that reach me in Gmail also appear in the actual sbcglobal e-mail.  To ensure I tested this correctly, I'd like to tell you what I did.  I opened up my husband's Gmail account and sent a msg. to the recovery sbcglobal.net address.  As expected, I received it in my Gmail account and confirmed it also appeared in the sbcglobal account.  So it appears I can continue to use that as my backup recovery e-dress.

​I haven't yet gotten to anything that requests a security question.  Where would that be?

~Diane

[DEP/Dodo]

Marko:  I just found it ("Secret question") in "Account recovery options"!  Yippee!

~Diane

[DEP/Dodo]

Uh-oh, look what else I just found, Marko.  See screen shot.

~Diane

[DEP/Dodo]

Obviously, you didn't mean your (Marko's) avatar.  I found "Recovery email," "Recovery phone," and "Secret question," all within "Signing In to Google" and not "My Account" and the rest.  We have already discussed the recovery phone issue ad nauseam.  We now know the "Secret question" is no longer used.  That leaves me only "Recovery email."  Apparently, that is sufficient per the word "or" following:  "Please consider adding a recovery phone or recovery email address to keep your account secure."

So the only remaining concern I have is whether I can use the recovery e-mail address I previously described in detail.  And that appears to be okay from my test results.

~Diane

On Sun, Jul 19, 2015 at 11:51 PM, Marko Vukovic <marko....@gmail.com> wrote:

[DEP/Dodo]

To Anyone:  

Do you know anyone--or have you yourself avoided hacking--by using 2-step verification?

~Diane

[Marko Vukovic]

On Mon, Jul 20, 2015 at 1:19 PM, DEP/Dodo <depf...@gmail.com> wrote:

So the only remaining concern I have is whether I can use the recovery e-mail address I previously described in detail.  And that appears to be okay from my test results.

The problem with your recovery address is that you seem to be either forwarding to Gmail, or have Gmail retrieve email from a mailbox via POP3.
This won't help you unless you can access this recovery mailbox by a means other than Gmail.​

--

Marko

[Jeff Grossman]

Diane,
As Kenneth stated below I would not turn on 2 step verification until you can get verification codes on your cell phone.  That is what you need to accomplish first before you even start thinking about 2 step verification.  I have been reading all of the messages in this thread.  I have a question for you.  You state that you are trying to use your home phone to get the verification code but unable to.  With 2 step verification why would you want to tie it to your home phone?  You mentioned there is a laptop that you sometimes take mobile with you.  How can you use 2 step verification with that laptop if you want to use your home phone as the place to receive your verification code?  You wouldn't be home to get the verification code which means you would not be able to log into Gmail or your Google account at all.  I think the whole purpose of 2 step verification is to use your cell phone which you will probably always have with you as the 2nd form of verification besides the password that you type in.

Jeff

[John Blake]

Just one thing to add, not sure if it hasn't already been said, but you can print verification codes (10 at a time) for those times you may not have access to a cell service. Once you use a code, cross it out as it's no good any more. I printed off a set when I first set up 2 step verification, thought I'd never use them. I was away and had forgot my cell (yea I know, dumb), and wanted to log into my account on a library computer. I had the codes in my bag, I'd forgotten they were there, and her presto, it worked. Hope I haven't added to the confusion.

[DEP/Dodo]

Marko, you wrote:  

​"

This won't help you unless you can access this recovery mailbox by a means other than Gmail.​"  I sent a test e-mail to an sbcglobal.net email account, and the message is there as well as arrived in my Gmail account.

[DEP/Dodo]

Hi, Jeff:

Marko was the first to find information that verif. codes could be sent by voice to  my landline, and I have provided that info via screen shot in at least one of these messages.  I'll attach it again.

To answer your question (definitely a good one):  

​"

How can you use 2 step verification with that laptop if you want to use your home phone as the place to receive your verification code?  You wouldn't be home to get the verification code which means you would not be able to log into Gmail or your Google account at all."

I was going to set up 2-step while at home to be able to get the verif. code by voice on my home phone.  Then I was going to drop the verif. code step.  As Kenneth wrote:  " . . . you may opt to let Google know that you're willing to relax the security on that particular computer and not require verification codes there in the future. You'd still have to enter a verification code for that computer at least once but you can then select to let Google know that you don't want to be asked for verification codes there anymore. 2 step verification is still in effect for your account, not disabled in any way, it's just that Google will allow you to make your own computer exempt from requiring verification codes at login."

Am I still missing something, Jeff?

~Diane

--
You received this message because you are subscribed to a topic in the Google Groups "Gmail-Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gmail-users/vPDZi_T4-E8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gmail-users...@googlegroups.com.

[DEP/Dodo]

I have since run into one strange phenomenon with the potential recovery e-mail address I have mentioned in several posts.  When I access the sbcglobal.net account via IE or FF, the message has somehow (not by me!!!) moved from the Inbox to Trash.  I have moved it back to the Inbox, and it moves again to Trash.

~Diane

[DEP/Dodo]

I am almost ready to "do the deed" but have one more question.  If I set up 2-step verif.and opt to exempt a particular computer from getting verif. codes (is "trusted computer" the term?), the second layer of protection, am I able to subsequently reinstate getting the codes if I change my mind?

~Diane

[Marko Vukovic]

Hi Diane

You really need to start looking up the info, it's all there...
Add or Remove trusted computers

On Wed, Jul 22, 2015 at 7:32 AM, DEP/Dodo <depf...@gmail.com> wrote:

I am almost ready to "do the deed" but have one more question.  If I set up 2-step verif.and opt to exempt a particular computer from getting verif. codes (is "trusted computer" the term?), the second layer of protection, am I able to subsequently reinstate getting the codes if I change my mind?

~Diane

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

Marko, you have no idea how much information I have been looking up, printing, saving.  That includes the info in the link you provided.  Looking at it yet again, more questions:  (1) I do not see how to reinstate the verif. step if I opt out of it; however, my logic says it will be to repeat what I did initially when I began 2-step verif.; (2) I do not understand how cookies work.  In that section of the link ("Trust this computer option"), it says:  "You can either set your browser to save cookies, or you can add an exception for Google Account cookies by adding [*.]google.com."  Is that to be taken literally; that is, do I literally input the section I highlighted--bracket, asterisk, period, asterisk--and then the words google.com?  Or should I just set my browser to save cookies?  And how do I do that?  (3) Incognito mode?  I know nothing about that.  Do I really need to for 2-step verif.?

I can't believe it is so complex to set this protection up.  Yet I bet others have done it w/o all the research I've done!

Finally, Chrome is my default browser.  I thought I'd throw that in because I'm sure it has something to do with all this.

Well, so much for being ready to start 2-step verif. 

~Diane

​​

[DEP/Dodo]

To simplify my life:  What should my cookies settings be for 2-step verif.?  The link you provided me says I can set my browser [Chrome] to save cookies or add that exception i included in my earlier post just below.  I have no clue what to do!  Will Chrome "save cookies" if I uncheck "Cookies and other site and plugin data" (whatever all those are)?

[Marko Vukovic]

Hi Diane

It is not that complicated. Don't worry about the cookies.

Just for fun, I have now turned on 2-step verification for myself. I was asked to re-enter my password and then confirm recovery details.

I then entered the cellphone number for receiving 2-step codes (doesn't have to be the same as recovery phone, and can be a landline for voice codes).

I was then signed out of my Google account, asked to re-enter password and then asked for a code, which was promptly received by SMS on my phone. There was a checkbox to always trust this computer, which I checked.

I have subsequently had to re-sign in to Chrome and Google Accounts on my phones. On each one I have the option to always trust the specific device.

I then also installed the Google Authenticator app which generates codes (works offline even) so it is even simpler than having to receive SMS.

In the 2-step settings, trusted computers and devices are listed. There are buttons there to 'Require codes' and 'Change setting' i.e. to revoke trust.
If I so choose, there is also a button top-right to turn off 2-step.

In the Verification codes section, I saved the backup codes to a text file. One can also add more than one phone number (for SMS or voice) to receive codes.

In summary, it is not complicated at all. I would in your case, be sure to enable SMS on your cellphone, a) to use for recovery (can only be cellphone) and b) it is probably more reliable than the automated voice call.
I would also consider upgrading to a smart phone. The authenticator app is the simplest method for 2-step. There are plenty of cheap Android phones on the market. Once you go smart, you will never look back. Even my 75 year old dad will agree 😉

--

Marko

[DEP/Dodo]

Marko, this has such amazing information and is not the first time you have provided me such invaluable help!  (I also appreciated your comment to not worry about the cookies!)  

As you and I discussed a few days ago, we don't have to sign in to Chrome or Gmail and, to date, have remained "safe."  But I understand that will change once 2-step verif. is in place since signing in and providing a password is step one.

I will definitely re-read your message tomorrow.  It is past 2 a.m. for me now because I have been working on this for another late night.  One more question before I sign off:  Do you think that "trusting" a computer is sufficient protection?  Again, for me, there is only that ever leaves my home with me.

BTW, a main reason I don't want to "go smart" is that I would want to know everything the phone can do and would compulsively pursue it along the lines I have been working on understanding 2-step verif.  Also, I am hooked on Gmail as is and know I would become the same with texting.

Marko, thank you again!

~Diane

--
You received this message because you are subscribed to a topic in the Google Groups "Gmail-Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gmail-users/vPDZi_T4-E8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gmail-users...@googlegroups.com.

[DEP/Dodo]

As you can see, Marko, I haven't logged off yet.  

In your opinion, is protection still significant if a computer is "trusted"?  Of our three computers, two always remain at home.  The third I sometimes take with me to use elsewhere.  Among the three, this is the one that probably should be "untrusted," but I am still considering "trusting" it.  Your thoughts?

~Diane

[Marko Vukovic]

On Wed, Jul 22, 2015 at 11:09 AM, DEP/Dodo <depf...@gmail.com> wrote:

Marko, this has such amazing information and is not the first time you have provided me such invaluable help!  (I also appreciated your comment to not worry about the cookies!)  

👍😁

 

As you and I discussed a few days ago, we don't have to sign in to Chrome or Gmail and, to date, have remained "safe."  But I understand that will change once 2-step verif. is in place since signing in and providing a password is step one.

​Yes, but if you choose to register that computer/device it will be as before and will not bother you again once you've entered the code once and checked the box to 'always trust this computer'.

​

 

I will definitely re-read your message tomorrow.  It is past 2 a.m. for me now because I have been working on this for another late night.  One more question before I sign off:  Do you think that "trusting" a computer is sufficient protection?  Again, for me, there is only that ever leaves my home with me.

​Not an easy question to answer. It depends on the user and basic security policy. If one has admin rights to one's computer, the risk is obviously much higher. As an IT professional, I know and understand these risks but many users do not. I have clients who still have admin rights to their PCs because they insist on being able to install stuff without hindrance, but also regularly manage to infect themselves with malware.​ ​

 

BTW, a main reason I don't want to "go smart" is that I would want to know everything the phone can do and would compulsively pursue it along the lines I have been working on understanding 2-step verif.  Also, I am hooked on Gmail as is and know I would become the same with texting.

Marko, thank you again!

​Well, besides making phone calls, a smart phone runs apps (applications) from Gmail to games to office apps.
With an Android phone, one also signs in using a Google account so one's mail and contacts are then also sync'ed to the phone.​ Even Chrome history is sync'ed, very convenient.
I'm sure your local provider could arrange a demo for you. A phone with good bang for buck would be something like the Moto E.

​Ciao​

--

Marko

[Marko Vukovic]

LOL go get some sleep 😴

I am considering a nap, it is 100+ in the shade here in Croatia!

See my reply to your other email. It's all about how 'secure' those computers are deemed to be. I would say trust them for now, you can always revoke that in the 2-step settings.

--

Marko

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.

To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

​Marko:

What I meant is even after "trusting" a computer, it will then always be necessary to input the password.  Thus, it won't "be as before" in this regard.  This is something I don't do now when I go to Chrome or Gmail.  As we discussed a few days ago, it's as if we're always signed in, perhaps because we are (now "were" for you)?​

[Marko Vukovic]

No, my trusted computer is behaving as before. I entered the password and checked the 'stay signed in' checkbox then entered the 2-step code once, checking the 'always trust' checkbox and haven't been asked for anything since. 

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.

To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

​One final question tonight (rather, this a.m.) and then I'm really signing off!  It's on another topic and is far less serious/important.​  What is the difference between a "thread" and a "conversation"?  Or are they synonymous?  To me, "conversations" are the individual messages about a particular topic ("thread"), e.g., 2-step verification. 

Based on the temperature there, I will stop complaining about the temp here!

Good-night or, rather, good morning.  Good afternoon?

~Diane

[Marko Vukovic]

On Wed, Jul 22, 2015 at 11:55 AM, DEP/Dodo <depf...@gmail.com> wrote:

This is something I don't do now when I go to Chrome or Gmail.

​As long as you check the 'stay signed in' checkbox, and then the one for 'don't ask for codes again' or 'always trust this computer' (I forget the wording), it will be as before. You will do this once each for Chrome and for FF.​

--

Marko

[Marko Vukovic]

A thread and conversation are the same thing. Gmail just calls it the latter. Different mail clients may use different parts of the message to arrange into a thread e.g. Subject, In-Reply-To or References headers.

Good afternoon here, good morning to you ;)

--
You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

Please see below, Marko.  And then I'm really, really, really calling it quits again.  (I don't even think I believe myself now.)

On Wed, Jul 22, 2015 at 3:06 AM, Marko Vukovic <marko....@gmail.com> wrote:

On Wed, Jul 22, 2015 at 11:55 AM, DEP/Dodo <depf...@gmail.com> wrote:

This is something I don't do now when I go to Chrome or Gmail.

​  

To be clear, here I was referring to​ doing nothing to access Chrome or Gmail.  I just click on their icons, and I'm in.  No password.  

​As long as you check the 'stay signed in' checkbox, and then the one for 'don't ask for codes again' or 'always trust this computer' (I forget the wording), it will be as before.

​ I'm confused again.  At the least, a password is required with 2-step verif., right?  Again, I don't need my password now, so it cannot "be as before" in this regard.  I'm repeating what I wrote above.​

​

 

There is a "stay signed in" checkbox?  Since a password is required to access Google or Chrome, what does that checkbox mean? 

 

​

You will do this once each for Chrome and for FF.​

​  Why FF?  While I have that browser as well as IE, I don't use them to get into Gmail or Google groups or . . .​

[DEP/Dodo]

On Wed, Jul 22, 2015 at 3:04 AM, Marko Vukovic <marko....@gmail.com> wrote:

No, my trusted computer is behaving as before. I entered the password and checked the 'stay signed in' checkbox then entered the 2-step code once, checking the 'always trust' checkbox and haven't been asked for anything since. 

​ I don't know what "stay signed in" means unless it is related to your keeping your computer on, never signing off as you mentioned earlier.  I sign out and shut down the computer when I'm done.  Yet the next time I start the computer and go to Gmail or Chrome, I am still not asked for my password.  Once I have 2-step., I expect to have to input my password the next time I use a trusted computer.  If I am incorrect, what am I missing?  

 

~Diane

​

 

On Wed, Jul 22, 2015 at 11:55 AM, DEP/Dodo <depf...@gmail.com> wrote:

​Marko:

What I meant is even after "trusting" a computer, it will then always be necessary to input the password.  Thus, it won't "be as before" in this regard.  This is something I don't do now when I go to Chrome or Gmail.  As we discussed a few days ago, it's as if we're always signed in, perhaps because we are (now "were" for you)?​

On Wed, Jul 22, 2015 at 2:43 AM, Marko Vukovic <marko....@gmail.com> wrote:

As you and I discussed a few days ago, we don't have to sign in to Chrome or Gmail and, to date, have remained "safe."  But I understand that will change once 2-step verif. is in place since signing in and providing a password is step one.

​Yes, but if you choose to register that computer/device it will be as before and will not bother you again once you've entered the code once and checked the box to 'always trust this computer'.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

--
You received this message because you are subscribed to a topic in the Google Groups "Gmail-Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gmail-users/vPDZi_T4-E8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gmail-users...@googlegroups.com.

[Marko Vukovic]

Lol, Diane.

Signing in/out in this sense relates to your Google account.
The 'stay signed in' checkbox means that when you open Gmail, it simply opens to your Inbox without asking for anything.
When you enable 2-step, you will have to enter your password, and then also the 2-step code. If you check both 'stay signed in' and then also 'trust this computer' then it will work as before.

[DEP/Dodo]

Yikes, Marko!  This is the first I've learned about a "stay signed in" option.  Is there also an explanation available at that point in 2-Step as to what this option means?  Without your description, I don't know what I would have done.  Can you fly out to CA and look over my shoulder when I finally enable 2-Step in case I run into any othe unexpected info?

I just re-read your first two sentences.  New confusion.  Please see below.

~Diane

On Wed, Jul 22, 2015 at 3:46 AM, Marko Vukovic <marko....@gmail.com> wrote:

Signing in/out in this sense relates to your Google account.
The 'stay signed in' checkbox means that when you open Gmail, it simply opens to your Inbox without asking for anything.

​ But you just wrote that signing in/out relates to my Google acccount.  Now it seems you are saying it applies to opening Gmail. ???​

When you enable 2-step, you will have to enter your password, and then also the 2-step code. If you check both 'stay signed in' and then also 'trust this computer' then it will work as before.

​ "As before"​ means to me no password to get into Gmail or any Google groups (as this one if I choose to visit it on its actual site rather than my Gmail) or the calendar or . . .  But 2-Step requires a password to get into--what?

[Marko Vukovic]

​Hi Diane

I hope you got some sleep today.​

On Wed, Jul 22, 2015 at 9:50 PM, DEP/Dodo <depf...@gmail.com> wrote:

Yikes, Marko!  This is the first I've learned about a "stay signed in" option.  Is there also an explanation available at that point in 2-Step as to what this option means?  Without your description, I don't know what I would have done.  Can you fly out to CA and look over my shoulder when I finally enable 2-Step in case I run into any othe unexpected info?

​HAHA. I normally assist my remote clients via Teamviewer ;)

I shall use pictures:

Now, when you enable 2-step, you will be signed out of your Google account. This means everything Google, your Gmail, Google Calendar etc. etc.​

 

​Make sure the checkbox 'Stay signed in' is checked. This is how you can open Gmail without being asked for a password.

After you click 'Sign in', you will then need to enter your 2-step code:

In my case I am using the Authenticator app. In your case it will be SMS or voice call.

You will see a checkbox for 'Don't ask again on this computer'. This seems to be on by default. Leave this checked if you are wanting to trust ​the computer you are signing in with.

That's it. If you had checked both boxes, you will not be asked for a password and you will not require codes on that computer.

I just re-read your first two sentences.  New confusion.  Please see below.

~Diane

On Wed, Jul 22, 2015 at 3:46 AM, Marko Vukovic <marko....@gmail.com> wrote:

Signing in/out in this sense relates to your Google account.
The 'stay signed in' checkbox means that when you open Gmail, it simply opens to your Inbox without asking for anything.

​ But you just wrote that signing in/out relates to my Google acccount.  Now it seems you are saying it applies to opening Gmail. ???​

​As above, your Google account is for everything Google. This includes Gmail. 

When you enable 2-step, you will have to enter your password, and then also the 2-step code. If you check both 'stay signed in' and then also 'trust this computer' then it will work as before.

​ "As before"​ means to me no password to get into Gmail or any Google groups (as this one if I choose to visit it on its actual site rather than my Gmail) or the calendar or . . .  But 2-Step requires a password to get into--what?

​Read carefully now... If you check the 'Stay signed in' checkbox, you will not be asked for a password again on that computer. If you checked the ​'Don't ask again on this computer' when entering the 2-step codes then you will not need to enter codes again on that computer.

This means that if you had checked both boxes (on my default) as above, all will be as before and you will not be asked for anything when opening Gmail, Calendar, Groups etc. on that computer.

​I don't know how to make this any simpler.​

​Edit: 'that computer' does not cover each individual browser eg. Chrome, Firefox, IE. You will have to enter codes for each one if you are using 2-step.​

​Ciao​

--

Marko

[DEP/Dodo]

Marko, I am very appreciative of your patience.  Others understandably would have thrown up their hands in exasperation way before now!  It can be difficult enough to explain things face-to-face, even with examples.  But here, to do so in writing, is daunting!  You have the stuff of a teacher in you; you have been teaching here.  And others who are interested in this topic are also learning from you.  

I'm hoping that with your heroic efforts, what you have so patiently been trying to explain will be clearer when I actually do set up 2-Step.  And some of my questions will be answered by doing; in other words, setting up 2-Step is more user-friendly that it seems.  But first I am reviewing what you (and others) have written and am also awaiting your responses to anything else I've added since we last met.  To be honest, I've had others, also clearly trying to be helpful, only confuse me.  Not their fault!  (I wonder if some of their replies would also confuse you, but I'll never know.)

I've made some comments below in bold.  Will not enable 2-Step until I've heard back from you!

~Diane

On Wed, Jul 22, 2015 at 1:18 PM, Marko Vukovic <marko....@gmail.com> wrote:

​Hi Diane

I hope you got some sleep today.​  And I hope you found some shade cooler than 100-degrees.

On Wed, Jul 22, 2015 at 9:50 PM, DEP/Dodo <depf...@gmail.com> wrote:

Yikes, Marko!  This is the first I've learned about a "stay signed in" option.  Is there also an explanation available at that point in 2-Step as to what this option means?  Without your description, I don't know what I would have done.  Can you fly out to CA and look over my shoulder when I finally enable 2-Step in case I run into any othe unexpected info?

​HAHA. I normally assist my remote clients via Teamviewer ;)  I think such tools (LogMeIn, Teamviewer, etc.) are wonderful!

I shall use pictures:

Now, when you enable 2-step, you will be signed out of your Google account. This means everything Google, your Gmail, Google Calendar etc. etc.​

 

​Make sure the checkbox 'Stay signed in' is checked. This is how you can open Gmail without being asked for a password.  What would happen if I didn't opt for "Stay signed in"?  It sounds like you are saying I would also be asked for the password for that.??

After you click 'Sign in', you will then need to enter your 2-step code:  

In my case I am using the Authenticator app. In your case it will be SMS or voice call.

You will see a checkbox for 'Don't ask again on this computer'. This seems to be on by default. Leave this checked if you are wanting to trust ​the computer you are signing in with.

That's it. If you had checked both boxes, you will not be asked for a password and you will not require codes on that computer.  By "both boxes," do you mean "Stay signed in" and "Don't ask again . . ."?  Sounds like if both are checked, 2-Step has not been enabled.???  Keep reading below.

I just re-read your first two sentences.  New confusion.  Please see below.

~Diane

On Wed, Jul 22, 2015 at 3:46 AM, Marko Vukovic <marko....@gmail.com> wrote:

Signing in/out in this sense relates to your Google account.
The 'stay signed in' checkbox means that when you open Gmail, it simply opens to your Inbox without asking for anything.

​ But you just wrote above that signing in/out relates to my Google acccount.  Now it seems you are saying it applies to opening Gmail. ???​

​As above, your Google account is for everything Google. This includes Gmail. 

When you enable 2-step, you will have to enter your password, and then also the 2-step code. If you check both 'stay signed in' and then also 'trust this computer' then it will work as before.

​ "As before"​ means to me no password to get into Gmail or any Google groups (as this one if I choose to visit it on its actual site rather than my Gmail) or the calendar or . . .  But 2-Step requires a password to get into--what?  I thought it was the key to get into all things Google.

​Read carefully now... If you check the 'Stay signed in' checkbox, you will not be asked for a password again on that computer.  As is the case now for me w/o 2-Step.  If you checked the ​'Don't ask again on this computer' when entering the 2-step codes then you will not need to enter codes again on that computer.  As is the case now for me.  So it sounds like if 2-Step is enabled, password & code are required once, and that's it.  But my understanding from all I've read is that each time I use a trusted computer, I will still need to input my password to gain entry to all things Google.

This means that if you had checked both boxes (on my default) as above, all will be as before and you will not be asked for anything when opening Gmail, Calendar, Groups etc. on that computer.

​I don't know how to make this any simpler.​  I bet, and I'm sorry.  Obviously, I am still missing something depite reading every word you've written.  Again, maybe I just have to "dive in" to understand.  

​Edit: 'that computer' does not cover each individual browser eg. Chrome, Firefox, IE. You will have to enter codes for each one if you are using 2-step.​   Even if I only access Google stuff via Chrome????  

​Ciao​

--

Marko

[DEP/Dodo]

New but related question for anyone.  I know--how can there be any more?!  Marko may be in the fetal position somewhere by now, mumbling and drooling.  

My husband and I share a desktop computer as separate users.  So if I, User Diane, enable 2-step verif. on this shared computer, it will only affect my Google account, right?  He absolutely doesn't want to deal with 2-step!  In other words, if I, User Diane, enable 2-step from this shared computer and he logs on to the computer as User Steve (and, again, now we don't input anything; we just click on our respective account pictures), will only User Diane have to provide a Google account password (assuming this is a "trusted" computer)?

Meanwhile, I still need clarification on 2-step verif. with regard to my other browsers on each computer (IE and FF; Chrome is default and what I use for all things Google).  So, please, take a deep breath, exhale slowly, and try to explain. 

~Diane

[Kenneth Ayers]

Yes, his account will not be affected by changes you make to your account.

If you don't use Firefox or IE then don't worry about them.  If someday you decide to login to your Google account via one of those other browsers then perhaps you'll have to enter a verification code for that browser just as if it were its own computer.  I'm not entirely sure about that but that would make sense.  But what does it matter if you're not going to use them?

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.

To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

Thanks for helping again, Kenneth.  Please see below in bold.

~Diane

On Wed, Jul 22, 2015 at 10:09 PM, Kenneth Ayers <justk...@gmail.com> wrote:

Yes, his account will not be affected by changes you make to your account.

If you don't use Firefox or IE then don't worry about them.  If someday you decide to login to your Google account via one of those other browsers then perhaps you'll have to enter a verification code for that browser just as if it were its own computer.  I'm not entirely sure about that but that would make sense.

​  That was also my take on it, but I was probably less sure than you.​

  But what does it matter if you're not going to use them?

​  I would never say "never."  And if I did, I guess I'd get a definitive answer then.​

On Wed, Jul 22, 2015 at 8:13 PM, DEP/Dodo <depf...@gmail.com> wrote:

New but related question for anyone.  I know--how can there be any more?!  Marko may be in the fetal position somewhere by now, mumbling and drooling.  

My husband and I share a desktop computer as separate users.  So if I, User Diane, enable 2-step verif. on this shared computer, it will only affect my Google account, right?  He absolutely doesn't want to deal with 2-step!  In other words, if I, User Diane, enable 2-step from this shared computer and he logs on to the computer as User Steve (and, again, now we don't input anything; we just click on our respective account pictures), will only User Diane have to provide a Google account password (assuming this is a "trusted" computer)?

Meanwhile, I still need clarification on 2-step verif. with regard to my other browsers on each computer (IE and FF; Chrome is default and what I use for all things Google).  So, please, take a deep breath, exhale slowly, and try to explain. 

~Diane

--
You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

--
You received this message because you are subscribed to a topic in the Google Groups "Gmail-Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gmail-users/vPDZi_T4-E8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gmail-users...@googlegroups.com.

[Marko Vukovic]

​Hey Guys​

On Thu, Jul 23, 2015 at 8:09 AM, DEP/Dodo <depf...@gmail.com> wrote:

If you don't use Firefox or IE then don't worry about them.  If someday you decide to login to your Google account via one of those other browsers then perhaps you'll have to enter a verification code for that browser just as if it were its own computer.  I'm not entirely sure about that but that would make sense.

​  That was also my take on it, but I was probably less sure than you.​

  But what does it matter if you're not going to use them?

​  I would never say "never."  And if I did, I guess I'd get a definitive answer then.​

​This is where cookies come in. Google sets a cookie on your computer which it uses to identify you (or more specifically, your browser). Seeing as Steve has his own Windows logon, he will then also have his own Chrome profile and therefore not be affected by your 2-step settings.
Google should probably call it 'this browser' and not 'this computer'.​

--

Marko

[DEP/Dodo]

This phenomenon is still occurring.  I haven't heard from anyone about it.  In fact, I have since received a couple of messages sent to the sbcglobal.net e-mail which I have set up to be accessed in my Gmail account.  They also have gone to the sbc e-mail.  I have checked that via FF and IE.  But they continue to move themselves from the Inbox to Trash until I move them back to the Inbox.  ????

~Diane

On Tue, Jul 21, 2015 at 7:53 PM, DEP/Dodo <depf...@gmail.com> wrote:

[Marko Vukovic]

Create a new topic for this one please Diane, this conversation is already long enough without mixing in another topic.

Is this phenomenon happening in your Gmail?

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Marko

[DEP/Dodo]

Hi, Marko!  I'm about to go to bed--again too late!

I didn't create a new topic for this because I mentioned it earlier in connection with having a backup e-mail account for recovery purposes for 2-step verif.  Thus, it is part of this topic.

To answer your question, no, this does not happen with Gmail--only within sbcglobal.net.

~Diane

On Thu, Jul 23, 2015 at 12:40 AM, Marko Vukovic <marko....@gmail.com> wrote:

[Marko Vukovic]

​Hi Diane

Thanks for the appreciation 😁 

​Make sure the checkbox 'Stay signed in' is checked. This is how you can open Gmail without being asked for a password.  What would happen if I didn't opt for "Stay signed in"?  It sounds like you are saying I would also be asked for the password for that.??

If you leave that box unchecked, you will be asked for a password every time you open Gmail etc.
This has nothing to do with 2-step though, it is just the usual Google sign-in.​

That's it. If you had checked both boxes, you will not be asked for a password and you will not require codes on that computer.  By "both boxes," do you mean "Stay signed in" and "Don't ask again . . ."?  Sounds like if both are checked, 2-Step has not been enabled.???  Keep reading below.

​Correct. you are essentially saying "I trust this computer (browser) so don't ask me for codes here".

This does not mean that 2-step is disabled. If, for example, Johnny Cracker has somehow stolen your password and tries to login to your Gmail from his computer or device, he will be asked for a 2-step code and that's where he will be stuck. This is the whole point of the 2-step verification, it really is a thing of goodness IMHO. No idea why I disabled it, I certainly will keep using it from now on.​

 

​Read carefully now... If you check the 'Stay signed in' checkbox, you will not be asked for a password again on that computer.  As is the case now for me w/o 2-Step.  If you checked the ​'Don't ask again on this computer' when entering the 2-step codes then you will not need to enter codes again on that computer.  As is the case now for me.  So it sounds like if 2-Step is enabled, password & code are required once, and that's it.  But my understanding from all I've read is that each time I use a trusted computer, I will still need to input my password to gain entry to all things Google.

​Your Google account password has nothing to do with 2-step. I will say it again: If you check the box to stay signed in, you will not be asked for a password thereafter.
When you are asked for the 2-step code, if you then leave the box checked to not ask for codes again on that computer, then you will not be asked for codes again.
Now, if you then close your browser and re-open it to Gmail, it will simply open Gmail without asking for anything.

​I don't know how to make this any simpler.​  I bet, and I'm sorry.  Obviously, I am still missing something depite reading every word you've written.  Again, maybe I just have to "dive in" to understand.  

​Time to dive in Diane, it really isn't complicated. Have you enabled SMS for your phone yet?​

​Edit: 'that computer' does not cover each individual browser eg. Chrome, Firefox, IE. You will have to enter codes for each one if you are using 2-step.​   Even if I only access Google stuff via Chrome????  

​It is per browser, which Google identifies by the cookie(s) that it has set. If you only ever access Google stuff via Chrome then don't worry about it.​

​Ciao​

--

Marko

[Marko Vukovic]

On Thu, Jul 23, 2015 at 9:51 AM, DEP/Dodo <depf...@gmail.com> wrote:

Hi, Marko!  I'm about to go to bed--again too late!

​Goodnight then D. I only just had breakfast 😜​

 

I didn't create a new topic for this because I mentioned it earlier in connection with having a backup e-mail account for recovery purposes for 2-step verif.  Thus, it is part of this topic.

To answer your question, no, this does not happen with Gmail--only within sbcglobal.net.

​But... this is a Gmail forum! Is there anything else connected to that sbcglobal.net account e.g. IMAP mail client etc.?

I would suggest changing your password immediately and see if the trouble stops.​

--

Marko

[Jeff Grossman]

Diane,

The "stay signed in" option is not specific to 2-step Verification.  It has always been an option when you signed into your Google Account.  You selected that option originally which is why it does not ask for your password each time you go into Gmail.

Jeff

--

[DEP/Dodo]

Thanks, Jeff.  I understood that "stay signed in" wasn't specific to 2-step veirf.  I just didn't know where the "stay signed in" checkbox was.  What you wrote makes sense, especially since I probably selected that option years ago.  And now I do see it in My Account when I click on my e-mail address at the top right of the page; that is, I see the option to "Sign out."  I hadn't seen that previously simply because I never had a reason to click on my e-dress previously. 

Now I can better understand what poor Marko was trying to explain.

~Diane

[DEP/Dodo]

On Thu, Jul 23, 2015 at 12:57 AM, Marko Vukovic <marko....@gmail.com> wrote:

To answer your question, no, this does not happen with Gmail--only within sbcglobal.net.

​But... this is a Gmail forum!

​  Oops. good point. ​

Is there anything else connected to that sbcglobal.net account e.g. IMAP mail client etc.?

​  Sorry, I don't speak computereze.​  I can only repeat that it is this e-dress that I set up to also have messages delivered to me in my Gmail.

I would suggest changing your password immediately and see if the trouble stops.

​  I resolved the issue by creating a new folder in that sbc account and moving Inbox messages there that I want to keep.  So far. so good!  

[DEP/Dodo]

So I finally helped you by inadvertently reminding you of this capability!

~Diane

On Thu, Jul 23, 2015 at 12:54 AM, Marko Vukovic <marko....@gmail.com> wrote:

​Hi Diane

Thanks for the appreciation 😁 

​" . . .​ 

[Diane]

Anyone:

It has been suggested to me that if I really want to trust a computer, I will have to sign into my Google account from all of the browsers that my computer has.  I occasionally use IE and FF.  Should I do that?   

~Diane

[Marko Vukovic]

Yes you did Diane, so thank you for that! 😎👍

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.

[Marko Vukovic]

If you turn on 2-step and don't want to be asked for codes when using those browsers again in future then yes, you should sign in to Google on each one and then leave the box checked for "Don't ask again on this computer".

--

[DEP/Dodo]

Marko, now that you've enabled 2-step verif. again, have you opted to trust or untrust your computer(s)?  i understand it will depend on how/where you use it/them.  Just curious.  I understand not trusting a computer enables greater security.

Has anyone had problems with a trusted computer?

~Diane

[Marko Vukovic]

I have opted to trust the computer and cellphone that I have with me since I am confident in my own ability to keep both free from malware.

I do enjoy the peace of mind that should Johnny Cracker have my password and be attempting to access my Google account from some other computer, he would be confronted by 2-step verification and would not be able to proceed any further.

[Kenneth Ayers]

Diane,

On Thu, Jul 23, 2015 at 11:26 PM, Diane <depf...@gmail.com> wrote:

Anyone:

It has been suggested to me that if I really want to trust a computer, I will have to sign into my Google account from all of the browsers that my computer has.  I occasionally use IE and FF.  Should I do that?   

But do you occasionally use IE and FF to access Gmail or Google groups or anything else that requires you to be logged into Google?  If not then there's no point in signing in just for the sake of establishing trust on those browsers.

Kenneth

  

[DEP/Dodo]

Very good question for me to consider, Kenneth.  I have loggged into Google via both browsers only lately to experiment.  Your last sentence is very helpful to me.  But it brings up a new question.  My recovery e-mail address is the sbcglobal.net  one I have mentioned previously.  It's easiest for me to access it via IE than FF.  I won't go into what I think is the reason.  Anyway, I think that indicates that I should set up 2-step for my account in IE.

~Diane

[Kenneth Ayers]

Diane,

When you turn on 2 step verification, it is enabled everywhere.

The only thing to consider for IE on your computer is whether or not you want to stop requiring verification codes for that browser, i.e., whether you want Google to accept that you trust login attempts from that browser.

If you're not using IE to login to your Google account then don't bother to trust it.  You don't need to establish that browser trust for a browser you don't use.  If anything you want to minimize the number of browsers/computers you trust to match only those that you actually use..

The fact that you use sbcglobal.net from that browser is irrelevant. That's logging into your sbcglobal.net account, not logging into your Google account.

Kenneth

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[DEP/Dodo]

Kenneth, thank you for that information!  I am relieved to learn it, particularly with all the problems I've had merely setting up 2-step verif.  Others' comments had led me to think otherwise.  However, I'm deferring to you!

~Diane

“We can’t solve problems by using the same kind of thinking we used when we created them.” ~ Albert Einstein

--
You received this message because you are subscribed to a topic in the Google Groups "Gmail-Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/gmail-users/vPDZi_T4-E8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to gmail-users...@googlegroups.com.

[DEP/Dodo]

Hi, Marko.  I hope Kenneth also sees this post.  I don't remember the "stay signed in" checkbox.  I wonder, short of disabling and then re-establishing 2-step, if I can get back to it.  Any ideas?

On Wed, Jul 22, 2015 at 3:04 AM, Marko Vukovic <marko....@gmail.com> wrote:

No, my trusted computer is behaving as before. I entered the password and checked the 'stay signed in' checkbox then entered the 2-step code once, checking the 'always trust' checkbox and haven't been asked for anything since. 

On Wed, Jul 22, 2015 at 11:55 AM, DEP/Dodo <depf...@gmail.com> wrote:

​Marko:

What I meant is even after "trusting" a computer, it will then always be necessary to input the password.  Thus, it won't "be as before" in this regard.  This is something I don't do now when I go to Chrome or Gmail.  As we discussed a few days ago, it's as if we're always signed in, perhaps because we are (now "were" for you)?​

On Wed, Jul 22, 2015 at 2:43 AM, Marko Vukovic <marko....@gmail.com> wrote:

As you and I discussed a few days ago, we don't have to sign in to Chrome or Gmail and, to date, have remained "safe."  But I understand that will change once 2-step verif. is in place since signing in and providing a password is step one.

​Yes, but if you choose to register that computer/device it will be as before and will not bother you again once you've entered the code once and checked the box to 'always trust this computer'.

[DEP/Dodo]

Where is it???  Then there must also be an option to stay signed out or something like that.

[Diane]

If anyone is using this, my question is can it be undone or cancelled if I decide to try it but then don't like it?  While it's a Google feature, I am thinking about it only in terms of Gmail, where I presently rarely have to sign in.

If this isn't the correct group for this inquiry, which one is?  Thank you.

[Kenneth Ayers]

Yes, you can turn off 2 step verification if you don't like it.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[Kenneth Ayers]

Before you do anything though, make sure you have your correct phone number and alternate email address updated in your account settings.

--

Regards,

Kenneth

[Diane]

Thank you for responding, Kenneth.  I want to make sure I haven't misunderstood.  Within that e-mail I (we) received from Google, we are told that we don't have to use both steps.  We are given the option on each computer to log in with just our password.  My question was about totally canceling if I didn't like it.  You seem to be confirming that is so.  Do you know how that is done?

And while I'm here, I now have a related secondary question.  I mainly use Google for Gmail.  In other words, I can't even recall under what conditions I have to sign in to my Google account.  What would these conditionis be?

On Wednesday, July 15, 2015 at 4:35:29 PM UTC-7, Diane wrote:

If anyone is using this, my question is can it be undone or cancelled if I decide to try it but then don't like it?  While it's a Google feature, I am thinking about it only in terms of Gmail, where I presently rarely have to sign in.

[Diane]

Just saw this after replying to your first answer.  I assume this is not saying I can't "bail out" of 2-step verification completely.

[Kenneth Ayers]

Diane,

If you enable 2-step verification, it will apply to all computers and devices.  Log into your Google account and go here to read more:

https://myaccount.google.com/?utm_source=OGB

The conditions under which you need to login to your Google account are to use any Google services such as Gmail.

My warning about making sure that you have setup your phone number and a valid alternate email address in your Google settings is because of the predicament that I've seen many people describe when they post to the official Gmail Help forum.  For whatever reason, there are a lot of people who don't know their own password.  Then they got a new phone or get logged out somehow and they can't get back in.  And then when they try to recover their password, the code they need gets sent to a phone number or an email they no longer can access.  Hence the warning to keep your recovery information current.

Kenneth

[Diane]

Kenneth, I don't sign in to use Gmail.  I just open it from an icon on my Desktop or via Chrome, my default browser.  There have been rare occasions I've had to sign in, so rare that I can't recall why.  I also don't log in to use Chrome.  Further, I don't log in to use this Gmail Users group. For this, I open Chrome and then go to the G-mail Users Group, which I have bookmarked on the bookmarks bar.  When I have logged in to my Google account, the page to do so has been presented to me.

As to the link you provided, I believe I already read that info when exploring 2-step verification.

Finally, again, please confirm that if I were to set up 2-step verification, I could completely undo it if I later chose. 

Thanks for your help,

~Diane

[Andy]

Diane,

I think Kenneth's message applies to you.

Whether you know it or not, you are logged into Google (and Gmail), and there is your username and your password which gets you there.

I am not sure precisely how it works, but either you stay "permanently" logged in, or the thing that you click, remembers your username and password and sends them for you.  That's great ... until something changes and it doesn't do it for you anymore.

Do you know with certainty what your username and password are?

Because if you were to change your login procedure (by enabling 2-step verification), you would probably need to type them in again.  As Kenneth notes, many people forget what their passwords are because they don't use them daily.  But the password is always a necessary part of being logged in to Gmail.

Sorry I can't answer your other question about disabling the 2-step verification.

Regards,

Andy

[Marko Vukovic]

As Andy says, you are permanently logged in. In my case this happens because I am using Chrome and signed into that using the same Google account. 

If you enable 2-step verification, you will likely be signed out and have to sign in again, so _do_ make sure your recovery information is up to date.

If you don't want it any more, you simply turn it off. BTW, I simply did a Google search for 'google turn off 2 step verification' and the first result was the help page. http://lmgtfy.com/?q=google+turn+off+2+step+verification

[DEP/Dodo]

Yes, I absolutely do know my user name and password.

I don't know why I don't have to log in except on occasion when that window is presented to me.

Two new and related questions:  (1) Do you, my fellow Gmail Users, recommend and use 2-step verification?  (2) How can it later be disabled if desired?  I understand you, Andy, can't answer that one.

~Diane

[DEP/Dodo]

Thank you for that link, Marko!  It's a little hard for me to type this as my jaw is hanging down to my fingers about how you did that animation!

~Diane

[Diane]

Kenneth:

I went to the link (again) you provided and tried to verify my landline phone.  An SMS (whatever that is) with a verification code was to be sent to me.  Tried twice but didn't get it.  I thought maybe my phone would ring and I would be provided it that way.  Wrong.  So how do I verify my phone number?

BTW, as usual, I didn't have to log into my Google account to acces the link.

~Diane

On Wednesday, July 15, 2015 at 8:37:35 PM UTC-7, justkenneth wrote:

[Marko Vukovic]

An SMS is a short text message sent to your cellphone.

[DEP/Dodo]

That explains it.  I have a dumb phone (not smart), which I love.  It doesn't text.  So how would I then verify my landline phone number, which is what shows in my Google info?  I didn't input my cell number.

Marko, do you use 2-step verification?

~Diane

[Marko Vukovic]

All cell phones can SMS, even the dumb ones 😂
I've never tried but I believe one can use a landline number, which the Google system can call you on.

I have used 2 step verification yes, but a long time ago. Can't recall why I turned it off but perhaps it's time to have another look at it.

--

[DEP/Dodo]

On Thu, Jul 16, 2015 at 3:16 PM, Marko Vukovic <marko....@gmail.com> wrote:

All cell phones can SMS, even the dumb ones 😂
I've never tried but I believe one can use a landline number, which the Google system can call you on.

​ I have tried several times.  No calls to me to verify.  In fact, nothing happens.  Oh well.  Guess I won't be using 2 step verif.

I have used 2 step verification yes, but a long time ago. Can't recall why I turned it off but perhaps it's time to have another look at it.

On Thu, 16 Jul 2015 at 11:00 DEP/Dodo <depf...@gmail.com> wrote:

That explains it.  I have a dumb phone (not smart), which I love.  It doesn't text.  So how would I then verify my landline phone number, which is what shows in my Google info?  I didn't input my cell number.

Marko, do you use 2-step verification?

[Andy]

I think (I thought) you need to use a cellphone with 2-step verification.

Andy

[John Blake]

Hi Diane
You can turn 2 step verification on or off whenever you want. If you do turn it on make sure your number and alternative email address are set up correctly otherwise you won't be able to log on as Google will send a 6 didget code to your phone or email (whatever you sell as you 2 step verification option).
Not sure if that's clear enough.

[jgs...@gmail.com]

Simple answer:

Don’t post ANYTHING you don’t want the whole world to see.

Sent from Windows Mail

--

[Marko Vukovic]

You may be right Andy but it seems that it can send the code via voice call so don't see why a landline wouldn't work.
I used the app. Diane, perhaps time to upgrade to a 'smart' phone ;)

You'll be asked for something else

Then, a code will be sent to your phone via text, voice call, or our mobile app. Or, if you have a Security Key, you can insert it into your computer’s USB port.

On Fri, Jul 17, 2015 at 3:06 AM Andy <AI.e...@gmail.com> wrote:

I think (I thought) you need to use a cellphone with 2-step verification.

Andy

[Andy]

On Fri, Jul 17, 2015 at 3:58 AM, Marko Vukovic <marko....@gmail.com> wrote:

You may be right Andy but it seems that it can send the code via voice call so don't see why a landline wouldn't work.

​I understand that Google is capable of sending a code in a synthesized voice to a landline telephone.  But whether or not they do that for Gmail's 2-Step Verification process, that's the question.​  And of course Google must know that it is a landline, not capable of SMS, so you need to provide that information to them.

Or maybe Gmail's procedure with landlines is broken.

I used the app. Diane, perhaps time to upgrade to a 'smart' phone ;)

​Even 'dumb' cellphones of any moderately recent vintage (10+ years) can receive SMS (text) messages.

Earlier, Diane asked if fellow Gmail users use the 2-Step Verification process.  I do not, because I access my Gmail only from computers that I know are reasonably secure.  On the other hand, if I used someone else's computer, or an unknown computer in a library or an Internet cafe, then I would want to use the 2-Step process.  That is the kind of situation it was designed for.

Andy

[Marko Vukovic]

On Fri, Jul 17, 2015 at 3:16 PM, Andy <AI.e...@gmail.com> wrote:

​I understand that Google is capable of sending a code in a synthesized voice to a landline telephone.  But whether or not they do that for Gmail's 2-Step Verification process, that's the question.​  And of course Google must know that it is a landline, not capable of SMS, so you need to provide that information to them.

​From the 2-Step features page:

​

 

​​

Or maybe Gmail's procedure with landlines is broken.

I used the app. Diane, perhaps time to upgrade to a 'smart' phone ;)

​Even 'dumb' cellphones of any moderately recent vintage (10+ years) can receive SMS (text) messages.

Earlier, Diane asked if fellow Gmail users use the 2-Step Verification process.  I do not, because I access my Gmail only from computers that I know are reasonably secure.  On the other hand, if I used someone else's computer, or an unknown computer in a library or an Internet cafe, then I would want to use the 2-Step process.  That is the kind of situation it was designed for.

​I know many users who only use Gmail on one single computer. They do however manage to regularly get infected with spyware, malware etc. etc.

This is also the kind of user that will benefit from 2-Step. ​

​Receiving SMS to me seems a bit of a drag. I would rather use an app but I guess that's just personal. I do also like the idea of the USB key.​

--

Marko

[DEP/Dodo]

Hi, Andy:

I need to clarify.  I just read again what is involved:  "Google can call your cell or landline phone with your verification code."  My landline phone's number is already part of my personal info or profile or whatever it is but hasn't been "verified".  That (phone no. verif.) is what I was trying to accomplish, which apparently is required before proceeding with setting up 2-step verif.  I assumed once that number was verified, I could then continue with setting up 2-step verif, and Google could then call with a verification code.  

Important:  I left writing this post for a moment and tried something.  I went to the "Start setup" page, and there, again, was my landline number but without the requirement to verify it.  I saw that I could proceed with having a code sent to me.  Looks like I'm able to proceed.

But, first, I still want to hear from others about (1) whether or not they use this feature and (2) how important they feel it is to useit because I have had no security problems.  Is it really worth setting up the extra protection?

~Diane

[DEP/Dodo]

Sorry, but I don't understand how this response about posting relates to setting up 2-step verification.

~Diane

[DEP/Dodo]

Marko, your response is precisely what I wanted to know.  I was thinking about 2-step verification for our three computers here at home, but I feel they are "reasonably secure" as you do yours.  I rarely use someone else's computer; rather I am more likely to take with me and use my smallest computer in a wi-fi setting.  Clearly, under those circumstances (using another's computer or wi-fi), it would make sense to set up 2-step verif. 

Now I'm going to ask for your (and anyone else's) opinion.  For that one computer that I occasionally take with me to use elsewhere via wi-fi and on which I have had no problems, would I be foolish to go with the adage "If it ain't broke, don't fix it" and stay with the status quo?

With thanks,

~Diane

Earlier, Diane asked if fellow Gmail users use the 2-Step Verification process.  I do not, because I access my Gmail only from computers that I know are reasonably secure.  On the other hand, if I used someone else's computer, or an unknown computer in a library or an Internet cafe, then I would want to use the 2-Step process.  That is the kind of situation it was designed for.

​I know many users who only use Gmail on one single computer. They do however manage to regularly get infected with spyware, malware etc. etc.

​  

This is also the kind of user that will benefit from 2-Step. ​

--

Marko

[DEP/Dodo]

To Kenneth and Group:

This just occurred to me about the alternate email address needed for recovery if necessary.  The alternate e-dress I provided is an old but-still-functioning one that ends with sbcglobal.net.  However, years ago I did what was required to have messages going there to actually be delivered to my Gmail account.  Then this is not a good alternate email address to use, right?  I realize that may be a "no-brainer" question to many of you, but 2-step verif. is a new concept for me.

Thank you,

~Diane

On Wed, Jul 15, 2015 at 4:57 PM, Kenneth Ayers <justk...@gmail.com> wrote:

[Kenneth Ayers]

If you lose access to your Gmail account and recovery information sent to sbcglobal is auto-forwarded to Gmail then you won't have access to that forwarded copy.  However, if you can still manage to login at sbcglobal and view emails there and auto-forwarding doesn't delete the original copies, then you'll have the recovery information you need at sbcglobal.

But if the reason you lost access to Gmail is due to account hacking, then the hacker will also be getting your recovery information forwarded from sbcglobal and may be able to act upon it, changing your password again, before you can do anything. It's probably better to use an alternate email address that isn't auto-forwarded to your Gmail account.

--

You received this message because you are subscribed to the Google Groups "Gmail-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gmail-users...@googlegroups.com.
To post to this group, send email to gmail...@googlegroups.com.
Visit this group at http://groups.google.com/group/gmail-users.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Kenneth

[Zack (Doc)]

Diane,

WiFi, even the most secure, is extremely hackable.  Even using the one you set up at home, with your own keys, you can *can* have your equipment tricked into revealing sensitive information.  If you're going out in public, like Starbucks, and  using wifi, this risk goes up significantly.  I'm a network engineer and I can tell you that your providers are always doing everything we can to protect you from malicious people, and, quite frankly, yourself.  This doesn't mean you should just trust the status quo.  If you feel there are reasonable measures you can take to improve your security, then I would suggest you do them.

To Marko's point... you can set it up so that your two fixed computers, that never move, and are not using WiFi, can bypass the 2-step.  This will make the change transparent to them, and only impact you when you're using the third one, or a public one.

--