Google 2-Step Verification

By bowells

Google 2-Step adds Two-Factor Authentication for an additional layer of security on all Google-based accounts. This is especially important for NC State Gmail and other Google apps. When you turn on Google 2-Step, you will be required to log in with both your password and an additional security measure (a code received via text, a USB, etc). This is a better way to protect all accounts from phishing attempts and other security breaches.

Before activating, view common issues with 2-Step verification.

To enroll in Google 2-Step:

  1. Visit the link to set up Google 2-Step.
  2. Log in with your Unity ID email and Password.
  3. Click Start Setup.
  4. Complete the 2-Step verification settings.
  5. To prevent yourself from being locked out of your account (if for some reason you can’t receive verification codes), it is strongly encouraged that you do both of the following during setup:
    a) add at least one backup phone number, and
    b) print out the backup code provided and keep it with you.
    This way, even if the verification code doesn’t go to your phone, you will still have a code to use.

Authentication methods:

  • Phone call: receive a code via phone call on your mobile phone/landline.
  • Text message: receive a code via text message.
  • Authenticator apps: can generate a code without Wi-Fi or data service. Google Authenticator is available for iPhone, Android or Blackberry devices. Duo Authenticator is available for iPhone, Android, Blackberry and Windows devices (and can also generate codes for both Duo and Google).
  • U2F USB Security Key: to avoid using a code altogether, you can purchase and register a security key on your computer’s USB drive when prompted. OIT has tested and used the following keys: FIDO U2F security key by Yubico and FIDO U2F security key by Hypersecu. These can both be found on Amazon Marketplace or in the NC State Bookstore.
  • Backup codes: print a paper code of the single-use backup codes Google provides and keep it with you. If your mobile device isn’t working, using one of these codes is an easy option.
  • Trusted computers: set up a computer that you use frequently to access your Google account for 30 days without needing 2-Step verification.

Once you are enrolled in 2-Step, you will be asked to sign in using your password and one of the above additional security measures. If you would prefer not to use 2-Step on a particular computer, you can change your settings and that computer will only ask for your password on sign-in. However, if someone tries to sign in to your account from another computer, 2-Step authentication will be required.

For more information about Google 2-Step Verification, click here.

Published in .