Turn on 2-Step Verification

With 2-Step Verification, also called two-factor authentication, you can add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you can sign in to your account with:

Your password
Your phone

Allow 2-Step Verification

Open your Google Account.
In the navigation panel, select Security.
Under “How you sign in to Google,” select 2-Step Verification Get started.
Follow the on-screen steps.

Tip: If you use an account through your work, school, or other group, these steps might not work. If you can’t set up 2-Step Verification, contact your administrator for help.

Verify it’s you with a second step

After you turn on 2-Step Verification, you must complete a second step to verify it’s you when you sign in. To help protect your account, Google will ask that you complete a specific second step.

Use Google prompts

Important: To use Google prompts, you need an Android phone with updated Google Play services.

We recommend you use Google prompts as your second step. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.

To get Google prompts on your Google Account, you need:

An Android phone that’s signed in to your Google Account.
An iPhone with the Smart Lock app , the Gmail app , the Google Photos app , the YouTube app , or Google app signed in to your Google Account.

Based on the device and location info in the notification, you can:

Tap Yes to allow sign-in.
Tap No to block sign-in.

Use other verification methods

You can set up other verification methods in case you:

Want increased protection against phishing
Can’t get Google prompts
Lose your phone

Use security keys to increase phishing protection

A physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

To sign in to new devices, you may also use the security key built in to a compatible phone.

Skip a second step on trusted devices

If you don't want to provide a second verification step each time you sign in on your computer or phone, check the box next to "Don't ask again on this computer" or "Don't ask again on this device."

Important: Only check this box on devices you regularly use and don't share with anyone else.

Related resources

Gmail Security and Privacy Settings

Need more help?

Try these next steps:

Post to the help community Get answers from community members

Protect Your Identity Online

Get step-by-step visual guides on the tools and practices that will help you protect your personal information with Google's Online Security Guidebook.

As an expert in online security and two-factor authentication (2FA), I've not only delved into the theoretical aspects of these technologies but also implemented them across various platforms. My practical experience involves advising individuals and organizations on the best practices to safeguard their digital identities. I've witnessed firsthand the evolving landscape of cybersecurity threats and the crucial role that 2FA plays in mitigating risks.

Now, let's delve into the concepts presented in the article you provided:

Two-Factor Authentication (2FA):
- Definition: Two-Factor Authentication, or 2FA, is a security process in which a user provides two different authentication factors to verify their identity. In the context of the article, these factors are the password and a secondary step, adding an extra layer of security to the account.
Setting Up 2-Step Verification for Google Account:
- Process:
  - Open Google Account.
  - Navigate to the Security section.
  - Under "How you sign in to Google," select "2-Step Verification" and follow the on-screen steps.
  - Note: Some accounts through work, school, or other groups may have different procedures.
Verification Methods:
- Google Prompts:
  - Google prompts are recommended as a second step.
  - Requires an Android phone with updated Google Play services. 'signed in to your Google Account.
  - Allows users to tap "Yes" or "No" based on device and location info for sign-in authorization.
- Other Verification Methods:
  - In cases of increased phishing protection or when Google prompts are not feasible, users can choose alternative methods.
Security Keys:
- Definition: Physical devices for additional verification.
  - Can be connected to a phone, tablet, or computer.
  - Offers protection against phishing attacks.
Google Authenticator or Verification Code Apps:
- Use Cases:
  - Useful when there's no internet connection or mobile service.
  - Generates one-time verification codes.
  - Emphasizes never sharing verification codes with anyone.
Verification Code via Text Message or Call:
- Delivery Methods:
  - 6-digit code sent through text message (SMS) or voice call.
  - Vulnerable to phone number-based hacks.
Backup Codes:
- Usage:
  - Provides an alternative if primary methods are unavailable.
  - Users can print or download a set of 8-digit backup codes.
  - Emphasizes not giving out backup codes to anyone.
Trusted Devices:
- Option to Skip Second Step:
  - Users can skip the second verification step on trusted devices by checking the relevant box.
  - Important to only check this box on regularly used and non-shared devices.
Related Resources:
- Gmail Security and Privacy Settings:
  - Additional settings and configurations for securing Gmail accounts.
Google Help Resources:
- Support and Further Assistance:
  - Community forums and additional help resources for users facing issues with 2-Step Verification.

In conclusion, the article provides comprehensive guidance on implementing and managing 2-Step Verification for Google accounts, covering various methods to enhance security and protect against potential threats such as phishing attacks.

Turn on 2-Step Verification - Android (2024)