English: FAQ about Two Step Verification in Google

Q: What is happening with two step verification in Google?

Answer: As part of our digital security support for your organization, we will be enforcing 2-step verification (also known as 2-factor authentication, 2FA) in Google Workspace starting on enforcement date.

Two step verification (2SV) is the most effective security tactic for protecting your account from being hacked! By adding 2SV to your accounts, you’re not only protecting your own data, but also contributing to the security of your organization as a whole.

Q: What do I need to do?

A: Here’s what you need to do before enforcement date:

• Google: Please ensure you have 2SV set up by going to this link and checking that 2 step verification is set to “ON”.

• If it is not, please configure 2SV with an authenticator by clicking on 2 step verification and following the prompts to set up an authenticator app.

Q: What is an authenticator app? Why should I use one?

A: Authenticator apps are free, secure applications that you can install on any smartphone. We recommend using Authy by Twilio or Google Authenticator, but you can also use Microsoft Authenticator. Once you download the authenticator app, you connect it to different accounts that you use. Each time you log into those accounts, the app will generate rotating codes that you need to enter while logging in. If you’d never used an authenticator app, you can read instructions for downloading and using one here!

Here’s why we like an authenticator app instead of getting a code via text message (SMS):

1. Authenticator apps work even when your phone doesn’t have cell service or wifi. You can use the authenticator app if your phone is offline (for example, while on an airplane or in a building with poor cell phone reception).
2. The code rotation helps protect against someone stealing your 2SV code. Since each code is only valid for 30 seconds, attackers have to work harder to steal these codes from you. Note that you can also help protect your account by never sharing 2SV codes! Google will never call or email and ask you for a code.
   1. If you ever get a request for a 2SV code from anywhere besides while logging into accounts.google.com, please report it to Personified at it@.

Q: When will I need to enter a 2SV code?

A: Anytime you are currently asked to enter your Google password, you will need to provide a 2SV code. For example, you will need to enter a 2SV code whenever you log into your account on a new device, or periodically when Google wants to verify your account (once a month or so).

Be sure to have your phone nearby when you need to log into your account, so that you can provide a 2SV code from your authenticator app.

If you don't want to provide a second verification step each time you sign in on your computer or phone, check the box next to "Don't ask again on this computer" or "Don't ask again on this device." Only check this box on devices that you own (your laptop and your phone).

Q: How can I avoid getting locked out of my account?

A: We recommend using an Authenticator app for 2SV, so whenever you need to log into your work account, make sure you have your cell phone nearby.