Google - Turn on 2-Step / MFA / 2FA Verification

How to enable 2-Step Verification

With 2-Step Verification, also called two-factor authentication, you can add an extra layer of security to your account in case your password is stolen or compromised. After you set up 2-Step Verification, you can sign in to your account with:

  • Your password
  • Your phone

Allow 2-Step Verification

  1. Open your Google Account.
  2. In the navigation panel, select Security.
  3. Under “Signing in to Google,” select 2-Step Verification and then Get started.
  4. Follow the on-screen steps.

Verify it’s you with a second step

After you turn on 2-Step Verification, you must complete a second step to verify it’s you when you sign in. To help protect your account, Google will ask that you complete a specific second step. Here are sections for setting this up from your Computer, Android device, or iPhone & iPad

Computer

 

Use Google prompts

We recommend you sign in with Google prompts. It's easier to tap a prompt than enter a verification code. Prompts can also help protect against SIM swap and other phone number-based hacks.

Google prompts are push notifications you’ll receive on:

  • Android phones that are signed in to your Google Account.
  • iPhones with the Smart Lock app , the Gmail app , the Google Photos app Photos, the YouTube app YouTube, or Google app  signed in to your Google Account.

Based on the device and location info in the notification, you can:

  • Allow the sign in if you requested it by tapping Yes
  • Block the sign-in if you didn’t request it by tapping No

For added security, Google may ask you for your PIN or other confirmation.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone

Use security keys to increase phishing protection

A physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys here.

To sign in to new devices, you may also use the security key built in to a compatible phone.

Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.

Use Google Authenticator or other verification (one time passccode {OTP}) apps

Important: Never give your verification codes to anyone.
When you don't have an Internet connection or mobile service, you can set up Google Authenticator or another app that creates one-time verification codes. These apps include Google Authenticator, Twilio Authy, and Microsoft Authenticator.

To verify it's you, enter the verification code from the app on the sign-in screen in the service you're trying to access.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.
A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS), or through a voice call. This depends on the setting you chose. To verify it’s you, enter the code from the SMS message or voice call on the sign-in screen in the service you're trying to access.
Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks. Use only when no other option is present.


Use backup codes

Important: Never give out your backup codes to anyone.
To keep in a safe place, you can print or download a set of 8-digit backup codes, and store them in a secure location like a fireproof safe. If you lose your phone, backup codes are helpful.

Use Google prompts

We recommend you sign in with Google prompts. It's easier to tap a prompt than enter a verification code. Prompts can also help protect against SIM swap and other phone number-based hacks.

Google prompts are push notifications you’ll receive on:

  • Android phones that are signed in to your Google Account.
  • iPhones with the Smart Lock app , the Gmail app , the Google Photos app Photos, the YouTube app YouTube, or Google app  signed in to your Google Account.

Based on the device and location info in the notification, you can:

  • Allow the sign in if you requested it by tapping Yes
  • Block the sign-in if you didn’t request it by tapping No

For added security, Google may ask you for your PIN or other confirmation.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone

Use security keys to increase phishing protection

physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

To sign in to new devices, you may also use the security key built in to a compatible phone.

Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.

Use Google Authenticator or other verification code apps

Important: Never give your verification codes to anyone.

When you don't have an internet connection or mobile service, you can set up Google Authenticator or another app that creates one-time verification codes.

To help verify it's you, enter the verification code on the sign-in screen.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.

A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, which depends on the setting you chose. To verify it’s you, enter the code on the sign-in screen.

Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.

Use backup codes

Important: Never give out your backup codes to anyone.

To keep in a safe place, you can print or download a set of 8-digit backup codes. If you lose your phone, backup codes are helpful.

Android Device

Use Google prompts

Important: To use Google prompts, you need an Android phone with updated Google Play services.

We recommend you use Google prompts as your second step. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.

To get Google prompts on your Google Account, you need:

  • An Android phone that’s signed in to your Google Account.
  • An iPhone with the Smart Lock app , the Gmail app , the Google Photos app Photos, the YouTube app YouTube, or Google app  signed in to your Google Account.

Based on the device and location info in the notification, you can:

  • Tap Yes to allow sign-in.
  • Tap No to block sign-in.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone

Use security keys to increase phishing protection

physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

To sign in to new devices, you may also use the security key built in to a compatible phone.

Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.

Use Google Authenticator or other verification code apps

Important: Never give your verification codes to anyone.

When you don't have an internet connection or mobile service, you can set up Google Authenticator or another app that creates one-time verification codes.

To help verify it's you, enter the verification code on the sign-in screen.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.

A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, which depends on the setting you chose. To verify it’s you, enter the code on the sign-in screen.

Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.

Use backup codes

Important: Never give out your backup codes to anyone.

To keep in a safe place, you can print or download a set of 8-digit backup codes. If you lose your phone, backup codes are helpful.

iPhone & iPad

Use Google prompts

We recommend you sign in with Google prompts. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.

Google prompts are push notifications you get on iPhones that are signed in to your Google Account with the Smart Lock app , Gmail app ,  the Google Photos app Photos, the YouTube app YouTube, or Google app . If you sign in to another compatible phone, you automatically get Google prompts on that device, until you sign out.

Based on the device and location info in the notification, you can: 

  • Tap Yes to allow sign-in. 
  • Tap No to block sign-in.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone

Use security keys to increase phishing protection

physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

To sign in to new devices, you may also use the security key built in to a compatible phone.

Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.

Use Google Authenticator or other verification code apps

Important: Never give your verification codes to anyone.

When you don't have an internet connection or mobile service, you can set up Google Authenticator or another app that creates one-time verification codes.

To help verify it's you, enter the verification code on the sign-in screen.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.

A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, which depends on the setting you chose. To verify it’s you, enter the code on the sign-in screen.

Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.

Use backup codes

Important: Never give out your backup codes to anyone.

To keep in a safe place, you can print or download a set of 8-digit backup codes. If you lose your phone, backup codes are helpful.

Was this helpful?
100% helpful - 1 review

Details

Article ID: 154280
Created
Thu 3/9/23 3:28 PM
Modified
Thu 3/9/23 4:58 PM