Despite feeling quite safe online - following my self-imposed security review of a couple of years ago - there's always been that nagging doubt that a single point of failure existed in my relatively weak Google Accounts password.
I did nothing about this until Jeff Atwood mentioned it this week and I finally turned on two factor authentication.
You can do this through your Google Account page online, as below:
I did this first for my "personal" Gmail account and then I tried to do it for my "work" Google Apps for Business account. However, for the latter I didn't see the above option.
After some fruitless Googling and digging around in the Admin area I worked it how.
Enabling 2-Factor Auth In Google Apps Accounts
First, login as a domain administrator and then go to "Manage this domain" using the gears dropdown (top right), as below.
Now, navigate to the Advanced Tools tab and enable 2-factor authentication in the Authentication section, as below.
When you return to the Google Account page for your login you should then see the option to enable it. Phew.
Dare I say it, I now feel almost completely secure.
Setting it up is a bit of a hassle and I don't doubt it will hassle me at some point in the future too. But, like Jeff says, door locks are a hassle too, but would you live in a house without them?
Having your email account hacked can happen. It's happened to at least 6 people I know. Don't let it be you!