Google Authenticator is a little smartphone app (iTunes; Play Store) that you can – and should – use to ensure that whoever logs into your account on Gmail, Dropbox, Tumblr and so on not only has your username and password, but also is in physical possession of your smartphone, i.e. is most likely to be you. This is important in general, but phenomenally important for your primary email account, since whoever gets into that has a good shot at full-scale identity theft if they want to.
Two-step verification means that when you login to Gmail from a new machine, after your usual username-and-password step, you are asked for a six-digit verification code; and you obtain the code – which changes constantly – by opening the Authenticator app on your smartphone. You only have to do this once if you check the machine as a trusted computer (obviously, don’t do this at shared computers).
Here are the instructions for Gmail and all other Google services; here is an article from the Financial Times (login required) that explains how to do the same thing to protect any nude photos you might have on iCloud through Apple’s two-step verification.
Finally, even if this post is about taking your online privacy seriously, let me close on a lighthearted note from the FT’s Chris Nuttall:
Have hackers put any nude photos of me out on the web?
Not if you haven’t taken any of yourself. If you have, they probably won’t have bothered trying to hack you unless you’re a celebrity.