How does Multi-Factor Authentication work?
With Multi-Factor Authentication turned on, you will need to take 2 steps to properly log in to your account. First, you will use your username and password as usual. Then, you will need to select Yes or No to a prompt sent to your smartphone or input a code that was sent to you through a text message or phone call.
Do I have to do the second step every time I log in?
No. When logging into your account you will have the opportunity to mark a checkbox that says “Don’t ask again on this device”. This will allow you to sign in to your Gmail account without a second step for a certain amount of time (usually 30 days).
Does checking “Don’t ask again on this device” make me less secure?
No. Checking this box simply sets a cookie for the device you are on, the account you are logged in to, and the web browser you are using when you checked the box so your preference is remembered. You will still be prompted for MFA authentication when using a different device, a different user account, or a different web browser.
Are there other options for my second step?
What if I don’t have my smartphone and cannot approve the MFA authentication?
This is what your backup option is for. You can choose to add your office phone number for when you leave your smartphone at home. You can also set up one-time use backup codes that can be printed out and left at home in a secure location to log in if you happen to leave your smartphone at work. Ideally, you would set up a backup option for all the different places you will be using your Google account. As a last resort, anyone in OIT can retrieve a backup code for your account.
What if I don’t have a mobile phone?
You can set up Multi-Factor Authentication to call you at any phone number (e.g. Office phone number, a landline at home, etc).
How can I change my MFA settings?
Log in to your Gmail account. Select your profile picture in the top right corner and select “Manage your Google account.” Select the Security tab on the left side of the screen, then select “2-step verification.” Input your password if requested. Now you should see all the different options for 2-step verification.
How can I receive the prompt on additional smartphones/tablets?
You can choose to receive the prompt on as many devices as you would like. To add another smartphone or tablet, sign in to your Google account on the device you would like to use. For iPhone you should use the Gmail or Google app. For Android, you should sign in to your Google account in settings.
How do I add a phone number to my Google MFA?
Follow the steps from the “How can I change my MFA settings” question to get to your 2-step verification settings. Then select add phone and input the phone number you would like to add. You can add as many additional phone numbers as needed.
Is any authentication method more secure?
We recommend you use the Yes or No prompt method. Apart from being the easiest option, it is also slightly more secure than a text message or phone call. Both options are much more secure than password alone.
What if I get a prompt or code but I am not signing in?
If you get a prompt when you are not signing in, select the “No, it’s not me” option and immediately change your Google password. If you need assistance, contact the OIT department.
What if I get a new smartphone and/or change my phone number?
If changing both your smartphone and phone number, make sure you print out a few one-time use backup codes before getting rid of your old phone. This will allow you to sign in to your Google account on your new device or change your phone number in MFA settings. To access MFA settings, follow the steps under “How can I change my MFA settings?”. If getting a new smartphone but keeping the same phone number, make sure you log in to your Google account in the new device. Watch the beginning of our step-by-step set-up video for an example of how to accomplish this.
I still have questions.