Originally Posted by
fs2k2isfun
I suggest using Google's 2-step verification.
+1 for sure
I work in IT for a living, and am very attentive to my passwords and keeping them random and secure. I use 1Password (similar to LastPass) for password management, but still my Gmail account got hacked in a similar way. My password was just random characters, so no possibility for dictionary attacks.
After finding out about 2-step verification, I do have to ask myself why it's not required. The Android app makes it easy to verify any new machine. When I have to fire up the app, I do get annoyed for a moment, but then I am reminded of the embarrassment of my entire contact list getting emails about Viagra or whatever it was.
Here's info on how 2-step authentication works:
http://support.google.com/accounts/b...&answer=180744
And here is a handy checklist to make sure you're secure:
https://support.google.com/mail/bin/...t.cs&tab=29488