Turn on 2-Step Verification

With 2-Step Verification, also called two-factor authentication, you can add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you can sign in to your account with:

  • Your password
  • Your phone

Allow 2-Step Verification

  1. Open your Google Account.
  2. In the navigation panel, select Security.
  3. Under “How you sign in to Google,” select 2-Step Verification and then Get started.
  4. Follow the on-screen steps.

Tip: If you use an account through your work, school, or other group, these steps might not work. If you can’t set up 2-Step Verification, contact your administrator for help.

Turn on 2-step verification

Verify it’s you with a second step

After you turn on 2-Step Verification, you must complete a second step to verify it’s you when you sign in. To help protect your account, Google will ask that you complete a specific second step.

Use Google prompts

We recommend you sign in with Google prompts. It's easier to tap a prompt than enter a verification code. Prompts can also help protect against SIM swap and other phone number-based hacks.

Google prompts are push notifications you’ll receive on:

  • Android phones that are signed in to your Google Account.
  • iPhones with the Smart Lock app , the Gmail app , the Google Photos app Photos, the YouTube app YouTube, or Google app signed in to your Google Account.

Based on the device and location info in the notification, you can:

  • Allow the sign-in if you requested it by tapping Yes.
  • Block the sign-in if you didn’t request it by tapping No.

For added security, Google may ask you for your PIN or other confirmation.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone
Use security keys to increase phishing protection

A physical security key is a small device that you can buy to help verify it’s you when you sign in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

Tip: When a hacker tries to get you to give them your password or other personal information, security keys help you protect your Google Account from phishing attacks. Learn more about phishing attacks.

Use Google Authenticator or other verification code apps
Important: Never give your verification codes to anyone.

When you don't have an internet connection or mobile service, you can set up Google Authenticator or another app that creates one-time verification codes.

To help verify it's you, enter the verification code on the sign-in screen.

Use a verification code from a text message or call
Important: Never give your verification codes to anyone.
A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, which depends on the setting you chose. To verify it’s you, enter the code on the sign-in screen.
Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.
Use backup codes
Important: Never give out your backup codes to anyone.
To keep in a safe place, you can print or download a set of 8-digit backup codes. If you lose your phone, backup codes are helpful.

Skip a second step on trusted devices

If you don't want to provide a second verification step each time you sign in on your computer or phone, check the box next to "Don't ask again on this computer" or "Don't ask again on this device."
Important: Only check this box on devices you regularly use and don't share with anyone else.

Related resources

true
Protect Your Identity Online

Get step-by-step visual guides on the tools and practices that will help you protect your personal information with Google's Online Security Guidebook.

Search
Clear search
Close search
Main menu
357523838503386532
true
Search Help Center
true
true
true
true
true
70975
false
false