Coding Horror, Make Your Email Hacker Proof has lots of good advice about how to secure your Gmail account.
This is all good advice, even if two-factor authentication is not a panacea.
Plus, when you print out that last-ditch backup paper to put in your wallet…don’t label it. Why make it easy for the guy who steals your wallet?
Update: A friend writes,
I followed the instructions, first on the desktop.
Then, it locked out my Gmail account on my iPhone, because I need to do one more step since smartphones “apps” cannot ask for verification, only a password.
(That part is missing in this “Coding Error – Make your Email Hacker Proof” article because it is only for the desktop. If you use Gmail also on your mobile device, you need to do the below):
So I read further and found that you need to the 2 step authoriztion by following these steps (watch the video).
This gives you a long “application specific password” which is different from your password you use when you login to Gmail from a browser on a desktop (not your mobile device). You only need to type it in once.
Now my Gmail works on my iPhone. Terrific!