2-step verification
Add 2-step verification
Next: Set up 2-step verification for your domain
These articles are for Google Apps
Administrators. End users should see
About 2-step verification.
2-step verification adds an extra layer
of security to your users' Google Apps
accounts by requiring them to enter a
verification code in addition to their
username and password, when signing
in to their account.
The Google Apps Service Level
Agreement does not apply to any
services used in connection with 2-
step verification if the verification
process relies on third-party voice or
data providers to deliver the
verification code.
Why should I enable 2-step verification
for my domain?
2-step verification helps protect a
user's account from unauthorized
access should someone manage to
obtain their password. Even if a
password is cracked, guessed, or
otherwise stolen, an attacker can't
sign in without access to the user's
verification codes, which only the user
can obtain via their own mobile phone.
Requirements
A mobile phone that can receive the
verification code via text message or
phone call. See how to view the list of
supported countries.
Or
An Android, BlackBerry, or iPhone.
These devices use the Google
Authenticator mobile app to generate
the verification code.
Note: 2-step verification can't be used
for accounts using a SAML single sign-
on service (SSO). See SAML SSO
Service for Google Apps.
Note: If you're an API developer using
ClientLogin authentication, read API
Developers before enrolling in 2-step
verification.
How it works
1. You enable 2-step verification for your
domain in your Google Apps control
panel. See Setup 2-step verification for
your domain for how to enable 2-step
verification for your account. We
recommend that you notify your users
of this new security process and
include instructions on how to get
started.
Note: Although users must opt-in to 2-
step verification themselves, you may
require them to do so by enforcing the
setting on the Settings > Security tab.
Do not make this change until all
users have opted in, or they will be
locked out of Google Apps. See the
Enforcement article for instructions.
2. The user enrolls in 2-step verification,
and selects the method for receiving
their verification code on their mobile
phone: the Google Authenticator app,
text message, or phone call. How
quickly they get their code via text
message or phone call depends on
their service provider and location. We
recommend users with smartphones to
use the Google Authenticator app
which can generate codes without a
network connection.
See Set up 2-step verification for your
Google Account.
If this link doesn't take you to the 2-
step verification page, you need to
follow these steps:
1. Sign in to your Google Apps Gmail
Account and click Settings (in the top
right corner).
2. Under the Accounts tab, click Google
Account settings.
3. Under Security, click Edit next to 2-
step verification.
4. Follow the steps in the 2-step
verification guide to set up 2-step
verification.
Administrators can point users to
Getting started with 2-step verification
for step-by-step instructions.
3. The next time the user signs in to their
Google Apps account on a new
browser or device, they enter their
username and password as usual.
They're then prompted with a second
page to enter a verification code. When
your user checks Remember
verification for this computer, they're
only prompted to enter a verification
code once every 30 days per browser or
after deleting their browser's cookies.
Your users should not check this if
they're at a public or shared computer
No comments:
Post a Comment