Set up 2-Step Verification
2-Step Verification: email template for administrators
Here's a sample communication you can send or post to users when you roll out 2-Step Verification to your G Suite users. For more about 2-Step Verification, see About 2-Step Verification.
Important tips for deploying 2-Step Verification
If your G Suite domain hasn't yet migrated over to new infrastructure:
- Your users won't be able to enroll in 2-Step Verification by going to https://www.google.com/accounts/SmsAuthConfig. Instead, instruct your users to follow these steps to get to their 2-Step enrollment page.
- The URL https://www.google.com/accounts/IssuedAuthSubTokens won't take your users to the Authorized Access to your Google Account page. Instead, instruct your users to follow these steps to generate an application-specific password for their mobile device.
See Tips for deploying to users for more information.
As part of our security policy, we're moving to a new sign in process for our G Suite accounts, called 2-Step Verification. 2-Step Verification adds an extra layer of security by requiring you to enter a verification code (similar to a PIN) after you enter your usual username and password to sign in. You receive the verification code through your mobile phone.
Why are we doing this?
2-Step Verification helps protect your account from unauthorized access due to a compromised password. Even if your password is cracked, guessed, or otherwise stolen, an attacker can't sign in without a verification code, which only you can obtain via your own mobile phone.
Here's what you'll see when you sign in with the new 2-Step Verification process:
Next steps for you:
- Sign up for the training session (If you have set up a demo or training session for your users)
- Be sure to have a mobile phone available. You can use an Android or iPhone with a data connection to receive phone prompts or the Authenticator app to generate verification codes while off-line. You may also choose to receive verification codes via text message or phone call.
- Set up your account for 2-Step Verification! Follow the instructions here.
- (date): Enrollment in 2-Step Verification starts
- (date): Deployment day where IT staff can assist you with setup
- (date): Additional demonstration/support sessions available
- (date): You should be registered and using 2-Step Verification!
2-Step Verification FAQ
Will I get phone prompts or need to enter verification codes every time I sign in?
If you don’t want to be asked for phone prompts, verification codes, or use your Security Key every time you sign in to your G Suite account, you can mark your computer as trusted by clicking the option to "Remember this computer for 30 days" after you enter your password. Do not select this option for a public computer, such as a shared computer in an internet cafe.
The verification code is used only to sign in to your G Suite account and is not shared with any other of our company's applications.
Will my password change?
No, your password stays the same.
What if I don't have my mobile phone when I need to sign in or I have trouble with the codes?
During the setup process, you will receive codes that you can write down and use when you don't have your phone. Otherwise, you can contact (your company's support contact), who can temporarily disable 2-Step Verification.
I just enrolled in 2-Step Verification, and now I can't access email on my phone.
After you enroll in 2-Step Verification, some legacy mobile devices or desktop applications may stop accessing Google (including IMAP email clients). In that case, create an application-specific password and enter it into the device/application instead of your normal password. This is a one-time process--see Application-specific passwords.