If you use Google's two-step authentication system to protect your Google accounts, you could accidentally get locked out. It's one of the biggest risks of two-factor authentication. And if you can't get a mobile signal, then you can't get the needed SMS messages in time.
What can you do? You fall back on one of the oldest storage systems known to man: paper.
Backup Codes (Can) Come to Your Rescue
I recently asked a few of my tech-savvy friends if they knew about backup codes for when Authenticator fails. Most of them didn't. It's probably because we can't imagine the idea of relying on paper as a failsafe for security. But that's the whole logic of it.
Google provides a set of 10 codes that you can use as keys to sign in when you can't get codes via text, voice call, or Google Authenticator. New sets of keys can be generated any time on your account page, but every new set will make the old one set inactive.
After you generate a set of Google verification codes, you can save them as a text file -- or better yet, print them out and keep in a secure place.
Here are the steps to generate a new set of backup codes:
- Sign in to your account at go to the 2-step verification section on the Security page.
- Look for the "Backup codes" area.
- Click Setup or Show codes.
You can print or download them as a text file. If you ever suspect that this set of codes might have been stolen or you’ve used many of the backup codes, you can generate a new set by clicking Get new codes.
When you have to sign in with the backup codes, go to the sign-in page of the Google service you want to use (for example, Gmail):
- Enter your username and password.
- When asked for your verification code, click More options.
- Click Enter one of your 8-digit backup codes.
- Enter your backup code.
Notice the checkbox next to the codes in the earlier Download or Print screen? As each code can be used only once, you can use the boxes to keep track of them.
This is a simple security feature that helps to keep your account safe. It takes five minutes to set up but saves you a lifetime of bother.
Have you used the backup option on paper or as a text file? Has it ever proved its usefulness when normal authentication failed?