UCFSD Technology has enabled a technology called “2-step verification” within Google. You may know it by other names like “2FA”, “two-factor authentication”, or “multi-factor authentication (MFA)”. Throughout this page, we will use these terms interchangeably.
Two-factor verification adds a second layer of protection during the login process. Currently, your Google login is tied to “something you know” (your password). Two-factor verification adds the second layer of “something you have” (typically your cell phone or backup codes). You most likely already have experience using two-factor verification with an online banking account so enabling it within Google hopefully will not be a new experience.
Bad Actors (hackers, nation-state actors, bad people) are using new and old techniques in creative ways to acquire user passwords; they can buy lists of usernames and passwords on the dark web, they can use social engineering and email phishing tactics to steal passwords, they can use brute force methods to guess weak passwords. Adding a second form of verification dramatically decreases the likelihood of your password being compromised.
Google will not require two-factor authentication every time you log in. Once you authenticate and complete two-step verification on your phone or computer you will have the option to “Remember this device”. From that point on Google will not prompt you to perform 2FA on that device unless you clear your browser’s cache, change your password, or if Google suspects that your account has been breached. This is really important. Our goal here is not to have a big impact on your normal workflow. Our goal is to try and limit a bad actor’s ability to use your account, just by getting access to your password.
You can turn on 2FA today, however, you do not have to right now. November 10, 2024, you will need to enable two-factor authentication.
If you have a smartphone and you are interested in enabling it now feel free, we encourage it! Directions for enabling two-factor authentication (or as Google calls it “2-Step Verification”) are below in the section labeled “Setting up 2 Step Authentication.“
The Google training videos below show why you want to use 2-Step Verification with your Google Workspace account and how to enable it, and how you can use 2-Step Verification if you don’t have a phone.
No. Google 2-Step Verification is only for Google. That is, 2-Step Verification it is needed to access your district Gmail, Calendar, My Drive, Shared drives, and other Google services that you access with your UCFSD credentials
You do not have to use Google 2-Step Verification in order to log onto a district computer.
The easiest verification method is Google prompts. Using this method, you just tap a prompt rather than enter a verification code. Google prompts can help protect against phone number-based hacks such as SIM card swaps. It is more secure than using voice or text messages.
Google prompts are push notifications you receive on
Android phones that are signed in to your Google Account
iPhones with the Gmail app, Google app or Smart Lock app signed in to your Google Account
Based on the device and location info in the notification, you can:
Allow the sign in if you requested it by tapping Yes
Block the sign in if you didn’t request it by tapping No
Google may occasionally also ask you to tap a pin number that matches the one displayed on your screen, for extra security.
Note: If you sign in to your Google Account on any eligible phone, Google prompts is added as a method for 2-Step Verification automatically.
Please also enable additional verification methods.
To turn on 2-Step Verification:
Browse to Google’s 2-Step Verification enrollment page.
Sign in with your UCFSD Credentials if needed.
Click the GET STARTED button. (Have your phone nearby.)
Follow the step-by-step setup process.
Once you’re finished, you’ll be taken to the Google 2-Step Verification settings page. Review your settings and add additional verification methods. Be sure to add several alternative methods.
The video above has all the steps!
If you are using a device that is primarily assigned to you, such as your district provided computer or your own mobile device, you can mark that device as trusted so that you don’t have to enter a verification code each time you sign in. To do this, follow these steps.
Sign into your UCFSD.NET account on a computer or device you trust.
When you enter the verification code, also select the option “Don’t ask again on this computer.”
On Apple iOS, be sure that
Your phone is connected to the internet. You need Wi-Fi or cellular data turned on to receive notifications.
You turn off Focus or Do Not Disturb in Settings if it is turned on.
You have turned on push notifications for the Gmail app, Google app or Smart Lock app.
On Android, be sure that
Your phone is connected to the internet. You need Wi-Fi or cellular data turned on to receive notifications.
You turn off Do Not Disturb, if the setting is turned on.
Your phone has the latest version of Google Play services.
Check that you are signed into your Google Account: Open Settings. Tap Accounts and then Google. If you aren’t signed in, follow the on-screen steps.
If you lose or forget to bring the phone you registered for 2-Step Verification, it’s important that you have another method you can use to access your UCFSD.NET Google account.
We strongly recommend enabling all four supported methods!
UCFSD supports use of the following Google 2-Step Verification second step methods.
Google prompts. After you enter your password, Google prompts are securely sent to every mobile device where you’re signed into your Google account. Just tap the notification to review and sign in. No need to enter verification codes.
Authenticator app. Generate a verification code using an app on your smart phone. Commonly-used authenticator apps are Google Authenticator and Microsoft Authenticator.
Voice or text message. Receive a verification code using SMS text message or voice on your registered phone. (Note: this is a less secure method than using Google prompts or an authenticator app.)
Backup codes. Use a single-use code from a set that you download or print. You can generate a new set when you run out. Be sure to always store these codes securely!
After you have turned on 2-Step Verification, you sign in to your account in two steps with
Something you know (your password), and
Something you have (your phone or other verification method).
Google prompts you for the information needed for the second step. In the example screenshot, Google is asking you to open the Gmail app on your iPhone for verification via Google prompts.
If you have more than one 2-Step Verification method set up (highly recommended!), you can click “Try another way” to use a method different.
If you will be somewhere without your mobile device, you can use backup codes for 2-Step Verification.
To learn how, please read Sign in with backup codes on Google’s support site.
Please note:
Once you use a backup code to sign in, that code becomes inactive.
You can generate a new set of 10 backup codes whenever you want, using the instructions above.
When you generate a new set of codes, the old set automatically becomes inactive.