How to setup 2-Step Verification for Google Apps for Work

July 29, 2016 | Posted by: Meghan Donovan

Note: Before 2-Step Verification is turned on, there are considerations that should be made regarding communications and training.  Enforcing Two-Step authentication without letting your staff know may result in a stop in productivity that may not be a benefit to organization.

  1. In the Google Admin Panel (admin.google.com) select the Security settings and click Basic.
security.jpg
  1. Click Allow users to turn on 2-step verification then click Go to advanced settings and enforce 2-step verification.

allow users.jpg

You can apply 2-Step Verification to the entire domain or to specific orgs using the left-side navigation.

2016-07-22_0911.png

Follow the steps below to set up 2-Step Verification.By default, the initial setup uses voice or text to a designated phone number.

  1. Access the My Account settings from your account access in the upper right of your Gmail.
My Account.jpg
2. Choose Sign-in & Security  2016-07-28_1036.jpg
3. Under Password & sign-in method, select to configure 2-step verification. Then select, Get Started.  turn on.jpg
4. Following the on-screen prompts, you may choose to have your code sent via text or phone call.

Follow the prompts to verify that it works!

 text or call.jpg
5. You will see a confirmation of success! You can now select Turn On and 2-step verification will be applied to your account.

See tips below for using this new feature!

 2016-07-26_2141.png
6. Take a moment to configure a backup set of numbers in the event you do not have access to your phone.

See here for detailed description on yubikeys.

 2016-07-28_1040.jpg

2-step Verification FAQ’s

How long is a verification code good for?

The verification code you receive is valid for 60 seconds. You have the option to generate a new code at any time

Do I have to enter a code every time I sign in?

No. You have the option to Remember this computer for 30 days. Do not use this option on shared or public computers.

What happens if I do not have my phone or it is dead? How do I get a code?

 

Click on Try another way to sign in, this will give you other options that you may have setup to use as your second step of authentication.  There is an option to print out backup codes in the event that your do forget your phone, or device used as your second step of authentication.

[embed]https://youtu.be/LUHOs_ggvi4[/embed]

We recommend that you consider Yubikeys for use with 2-Step Verification.  Yubikeys offers an innovative approach for strong authentication via FIDO Universal 2nd Factor (U2F), and with a simple tap or touch of a button. YubiKeys protect businesses of all sizes,  the benefit is that you don’t have to depend on people using their Cell phones for authentication or having to update your BYOD policy.

It is our goal to arm you with the best defenses to protect you from phishing scams and improve your experience with Google for Work.  If you have any questions or need help with deployment strategy, please reach out to us at secinfo@suitebriar.com.

See:  Google for Work Security Key Special Offer