Protect your account with 2-Step Verification

With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you’ll sign in to your account in two steps using:

  • Something you know, like your password
  • Something you have, like your phone

Turn on 2-Step Verification

  1. Open your Google Account.
  2. In the navigation panel, select Security.
  3. Under “Signing in to Google,” select 2-Step Verification and then Get started.
  4. Follow the on-screen steps.

Your account, username@gmail.com, is associated with your work or school. If you can’t set up 2-Step Verification, contact your administrator.

Verify it’s you with a second step

After you turn on 2-Step Verification, you’ll need to complete a second step to verify it’s you when you sign in. To help protect your account, Google will request that you complete a specific second step.

Use Google prompts

We recommend you sign in with Google prompts. They’re easier to enter than a verification code and can help protect against SIM swap and other phone number-based hacks.

Google prompts are push notifications you get on iPhones that are signed in to your Google Account with the Gmail app  or Google app . If you sign in to another compatible phone, you automatically get Google prompts on that device, until you sign out.

Based on the device and location info in the notification, you can: 

  • Tap Yes to allow sign-in. 
  • Tap No to block sign-in.

Use other verification methods

You can set up other verification methods in case you:

  • Want increased protection against phishing
  • Can’t get Google prompts
  • Lose your phone

Use security keys to increase phishing protection

A physical security key is a small device that you can buy to help prove it’s you signing in. When we need to make sure it’s you, you can simply connect the key to your phone, tablet, or computer. Order your security keys.

You may also be able to use the security key built in to a compatible phone to sign in to new devices.

Tip: Security keys help protect your Google Account from phishing attacks, when a hacker tries to trick you into giving them your password or other personal information. Learn more about phishing attacks.

Use Google Authenticator or other verification code apps

Important: Never give your verification codes to anyone.

You can set up Google Authenticator or another app that creates one-time verification codes when you don’t have an internet connection or mobile service.

Enter the verification code on the sign-in screen to help verify it’s you.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.
A 6-digit code may be sent to a number you’ve previously provided. Codes can be sent in a text message (SMS) or through a voice call, depending on the setting you chose. To verify it’s you, enter the code on the sign-in screen.
Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.

Use backup codes

Important: Never give out your backup codes to anyone.
You can print or download a set of 8-digit backup codes to keep in a safe place. Backup codes are helpful if you lose your phone.

Skip a second step on trusted devices

If you don't want to provide a second verification step each time you sign in on your computer or phone, check the box next to "Don't ask again on this computer.
Important: Only check this box on devices you regularly use and don't share with anyone else.

Related articles

Was this helpful?
How can we improve it?