Blog Post

Updated: Two ways to use a smartphone to log in to Google on a PC

UPDATED. My Google account was briefly hijacked last year, and although nothing major happened as a result, I decided to look into Google’s(s goog) two-step verification process. This adds a second layer of security because it combines “what you know with what you have,” says Google. You know your Google password, of course, but the second step requires the smartphone you have with you. Without the handset, your Google account can’t be accessed if two-step verification is enabled.

On Monday, PC Magazine wrote up one way to log in to your Gmail account on a PC by using a smartphone. It’s a clever and simple method. On the PC, you simply browse to, where you will see a QR code.

Use a bar-code-scanning app on your Android or iPhone (which is already configured with your Google account credentials) to snap a pic of the code, which is a URL. Browse to the URL on your phone and tap the “Start with Gmail” button or “Start with iGoogle” button, whichever you prefer. Doing so causes the phone to shoot a verification to the PC, which immediately opens up Gmail.

[UPDATE: This method appears to be experimental. The day after this article was published, Google shut down the login service. Clicking the link now shows the following message from Google: “Hi there – thanks for your interest in our phone-based login experiment. While we have concluded this particular experiment, we constantly experiment with new and more secure authentication mechanisms. Stay tuned for something even better!”]

I tested the function on my Galaxy Nexus and it worked perfectly. But I was already using a smartphone to verify my Google login with two-step verification. Google actually offers an application called Authenticator for Android, iOS(s aapl) and BlackBerry(s rimm) devices. Instead of calling or texting a verification code to your smartphone, Authenticator creates six-digit verification codes on the fly, without any connectivity required. Each code lasts only 30 seconds, much like a rolling code. Entering the code when prompted during log-in to a Google account provides access.

Although I have been using the Authenticator app for some time, I like the QR code method better. There are no verification codes to manually type; it is a simpler process that still combines “what you know with what you have.” And if you add in passcode security on the phone itself, there is another layer of security with either approach to help out in case you lose your handset.

If you are not familiar with Google’s two-step verification feature, here are the details from the rollout last February, as well as this video to explain how it works.

10 Responses to “Updated: Two ways to use a smartphone to log in to Google on a PC”

  1. I never understood how to get google to send code 2step paswrd. I
    Sent request none inbegining it would automaticlly done ??? Then came app specific paswrd. Never explained where I enter the code
    Enter in log inter as contact how to identify contact. For next entry
    Etc google never explained its detailed procedure android has multiple settings button per feature not all few/ main issue is my statement “these words hurt my eyes”. ovr&ovr I explained got more of translate these letters

  2. This is a smart attempt but I find the Google authenticator better at the moment.Anyway may Google continue experimenting with new features.That is the purpose of Google Labs after all,features are born and buried here.

  3. MerryMaker846

    This is a dead issue. Google botched this so badly. I unplugged it because it BURIED me in text messages. BURIED. Even if you were logged in, you got text after text after text. They’ve got loads of smart folks, this was not a smart way to handle it.