Google 2FA / MFA Account Security

Two Factor Authentication (2FA) or Multi Factor Authentication (MFA) is a secondary layer of protection on your account that can be used in addition to your password.

In the case that your password was compromised this will keep your account secure by requesting a second method to verify your identity when logging in. An attacker would generally not have access or the ability to provide this secondary information.

Primary 2FA / MFA Options

There are several primary options for 2FA/MFA, you can use any or a combination of them:
  • Mobile Phone Prompt (Android and iOS) – this uses an installed free app on your phone that will prompt you when signing in on an unrecognized device. You simply press ‘yes’ if it was you or ‘no’ if not. This method requires a data connection (internet) on your phone to use.  Read more here. 
  • Text Message – this sends a text message verification code to your mobile phone that you enter when logging in.
  • Phone Call – this sends a phone call with an audible verification code. You can use your school phone OR your personal mobile phone.
  • Security Key – typically a small device, similar to a flash drive, that is a physical key generator to authenticate (we are not currently providing these). A mobile phone (Android 7+ or iOS 10+) can also be used via bluetooth.  Read more here. 
  • Authenticator App – this uses a free authenticator app that generates a time sensitive code after scanning a QR code using your mobile device. This does not require an internet connection.  Read more here. 

Enabling 2FA/MFA

You can visit here to enable 2FA on your account:

Scroll down to 2-Step Verification and click on it:
Select Get Started to begin the enrollment process.
Choose your 2FA method from the options above.
If you do not have a personal cell phone or prefer not to use it, select Phone call and use a school room’s phone. If you do not have a designated school phone and prefer not to use your personal cell phone (you move rooms or locations frequently), you should set this up in a central location such as the school office or staff room where you (or an office staff member) can go to and receive a phone call if/when necessary to receive your 2FA code.

Example setting up using a school phone

Select PHONE CALL (our school phones cannot receive a text message) and enter your full outside number, including the 1. For example 1-508-488-5511.
Click next to receive a phone call with your first verification code.
Enter the code you received and click next.

If you were successful you will be at the final step confirmation. Ensure you select TURN ON or it will not be enabled.

Secondary / Backup 2FA/MFA Option

Once you have enabled one primary verification option, you can enable a secondary/backup option. You can enable any of the primary methods noted above as well as a new option, Backup Code.
This is a physically printed code that can be used in the event none of the other methods are available to you (for example if you are at home and your 2FA method was a phone call to your classroom phone).
To enable backup codes, return to  https://myaccount.google.com/security  and select 2-Step Verification again, it should show “on”:

Select Backup Codes
Click Get Backup Codes:

10 codes will be generated for a one-time use. It is suggested to print these out and keep a copy in a secure location that you may need incase you are not able to use your primary 2FA method.
If you choose to download the codes, DO NOT SAVE THEM TO YOUR GOOGLE DRIVE.

You can return here if you ever need to:
  • Delete your codes (lost them)
  • Regenerate your codes (if you suspect someone may have seen or accessed them)
  • Generate new ones if you have used all 10.