Enable MFA for your Google account
Link to instructions from Google
Best practice is to set up a primary method, and a second backup method. The recommended primary method is google prompts on your phone. In the event that you lose your phone or other primary verification method, you will need to contact the helpdesk to reset your account.
Allow 2-Step Verification
- Open your Google Account.
- In the navigation panel, select Security.
- Under “Signing in to Google,” select 2-Step VerificationGet started.
- Follow the on-screen steps
Verify it’s you with a second step
After you turn on 2-Step Verification, you must complete a second step to verify it’s you when you sign in. To help protect your account, Google will ask that you complete a specific second step.
Use Google prompts on Android
Important: To use Google prompts, you need an Android phone with updated Google Play services.
We recommend you use Google prompts as your second step. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.
To get Google prompts on your Google Account, you need:
- An Android phone that’s signed in to your Google Account.
- An iPhone with the Smart Lock app , the Gmail app , the Google Photos app , the YouTube app , or Google app signed in to your Google Account.
Based on the device and location info in the notification, you can:
- Tap Yes to allow sign-in.
- Tap No to block sign-in.
Use Google prompts on iPhone or iPad
We recommend you sign in with Google prompts. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.
Google prompts are push notifications you get on iPhones that are signed in to your Google Account with the Smart Lock app , Gmail app , the Google Photos app , the YouTube app , or Google app . If you sign in to another compatible phone, you automatically get Google prompts on that device, until you sign out.
Based on the device and location info in the notification, you can:
- Tap Yes to allow sign-in.
- Tap No to block sign-in.
Use security keys to increase phishing protection
A physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer.
To sign in to new devices, you may also use the security key built in to a compatible phone.
Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.
Use Google Authenticator or other verification code apps
Important: Never give your verification codes to anyone.
When you don't have an internet connection or mobile service, you can set up Google Authenticator or another app such as Authy that creates one-time verification codes.
To help verify it's you, enter the verification code on the sign-in screen.
Use a verification code from a text message or call
Important: Never give your verification codes to anyone.
A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, which depends on the setting you chose. To verify it’s you, enter the code on the sign-in screen.
Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.
Use backup codes
Important: Never give out your backup codes to anyone.
To keep in a safe place, you can print or download a set of 8-digit backup codes. If you lose your phone, backup codes are helpful.