Add 2FA (2 Factor Authentication) for your Gmail and Google GSuite users

UPDATE (31 January 2019): This week I have switched across to Authy as my 2FA application of choice. The main reason being its backup capability, which gives me greater peace of mind if my phone ever dies (or needs to be changed).
Also, some of the top security people I follow use it too.

 

You really should be using 2 Factor Authentication (2FA or MFA) in your online accounts whenever it is available, especially if you re-use your passwords across accounts. Regardless, it’s a good extra layer of security to help protect your important assets.

I have a Gmail account and run 2 domains on Google’s GSuite.

For all Google’s greatness their documentation, like documentation of most large (and small) tech companies, is good but still hard to find and navigate through unless you know what you’re looking for (in fact most tech companies product zero to atrocious documentation in my humble opinion).

 

Here are 2 links to Google Support to help you get started with 2FA on your Google accounts:

  1. For domain administrators
    Set up 2-Step Verification for your domain: https://support.google.com/a/answer/184711?hl=en
  2. This is for individual users of the domain (i.e. email address holders) and GMail users.
    Turn on 2-Step Verification: https://support.google.com/accounts/answer/185839
    The support page contains a link to https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome which is where users actually get started.

With Google/GSuite accounts you can setup 2FA using: one or all of SMS, phone call, the Google Authenticator app (Play Store / iTunes), and downloadable one-time backup codes (store those in your password manager, like LastPass or 1Password. You have one of those, right?).

I particularly like the Google Authenticator Authy app.
Both Google Autneticator and Authy easy to use and integrate well with most services (e.g. Evernote, Dropbox and DigitalOcean).