Passwords and codes used with 2-Step Verification
There are several fundamental differences between traditional passwords -- such as those you use to sign in to your Google Account -- and the verification codes and application-specific passwords that you use as part of 2-Step Verification.Traditional password
- Created when you first sign up for a Google Account or change your password
- Generally a combination of letters, digits and characters that you choose
- You need to remember it
- If you forget your traditional password, you can always reset it using your recovery options, such as your backup email address or phone number
- Delivered to your phone or generated by the Google Authenticator App.
- Six to eight digits (Example: 012345)
- You don't have to remember it, because you can get a new verification code each time you need one.
- You’ll need it every time you sign in unless you've marked a computer as "trusted"
- Generate backup codes ahead of time and print them out, so you can use them as a backup if you don't have access to your phone
- If you own an Android device, you can also generate codes through Google Settings, even if your device is offline.
- You generate it on the Authorizing applications & sites page
- Sixteen letters (Example: ohgh uylv xkwd zgbz)
- You don’t have to remember it, because you can generate a new one anytime
- You’ll need it when you want to authorize a device, a mobile application (such as a Gmail app on your mobile phone), or a desktop application (such as AdWords Editor) to connect to your Google Account
- If you lose a phone or stop using an application that was authorized with an application-specific password, revoke the application-specific password for that application.