You should set up 2-step verification because doing so makes it very hard for anyone to take over your email account remotely. Without setting up 2-step verification, hackers could get into your account if they figured out your password. With 2-step verification enabled, they would need the password and physical control of your phone, your wallet or purse, or your actual computer. Here's why this matters: In most cases you would have no way of knowing whether someone somewhere else in the world had cracked your password and was rummaging through your account. This lets you know.
How do I turn on 2-Step Verification?
When you enable 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account. You sign in with something you know (your password) and something you have (like a code sent to your phone).
To set up 2-Step Verification:
- Go to the 2-Step Verification page. You will be prompted to sign in to your WFU Google Account.
- Click Get started. (Have a phone nearby.)
- Follow the quick step-by-step setup process.
Once you're finished, you'll be taken to the 2-Step Verification settings page. Review your settings and add backup phone numbers. The next time you sign in, you'll receive a message with a verification code. You also have the option of using a Security Key for 2-Step Verification or a variety of other alternative second steps. We recommend you choose at least one alternative option.
How do I sign in with 2-Step Verification?
Signing in with 2-Step Verification is easy.
- Go to the sign-in page of your mail or any other Wake Forest application that employs Google Single Sign-On, and enter your username and password like you normally do.
- Every 30 days or every time you try logging into your WFU Google Mail or any Google Single Sign On service on a new device, you’ll be asked for a six-digit code, which you'll get from your phone. If you want, when you enter your code, you can choose to trust your computer -- this means you won't be asked for a code again when you sign in from this computer. If you sign in from another computer, however, you’ll be asked for a code.
- After you turn on 2-Step Verification, non-browser applications and devices that use your Google Account (such as Outlook), may be unable to connect to your account. However, in a few steps, you can generate a special password called application-specific password to allow this application to connect to your account -- and don't worry, you'll only have to do this once for each device or application.
Alternate Methods
What if I don’t want to use my phone?
Don’t want to use your phone? No problem. You’ll need a phone to set up 2-Step Verification at first, but you can then immediately change your second step. Here are some alternatives:
What is a security key? How do I use it?
A security key (also called a fob, or USB key), is a Fido U2F certified, read-only device that looks like a USB flash drive. When plugged in to your USB drive, it will generate a code for you, instead of you entering a code manually. Any device that is Fido U2F certified can be used with Google 2-Step Verification. Click here for more information on the IS-preferred security key, YubiKey.
Are there limitations with security keys?
Yes, there are a few limitations to U2F security keys. They are:
- You must be using a device with a USB port, and the USB port must not be disabled (some kiosks and computer labs disable USB ports for security reasons).
- You must be using a supported browser.
- Google Chrome supports U2F natively.
- While Firefox does not natively support U2F, there are extensions that may add U2F functionality.
Can I use Google Voice to receive codes?
Using Google Voice is not recommended. If you use Google Voice to receive verification codes, you can easily create a situation where you’ve locked yourself out of your account. For example, if you are signed out of your Google Voice app, you might need a verification code to get back in. However, you won’t be able to receive this verification code because it will be sent to your Google Voice, which you can’t access.
Troubleshooting
What if my phone was lost or stolen?
If your phone was lost or stolen, we strongly recommend that you change your WFU Google Account password and revoke your App Passwords. This will help prevent others from accessing your WFU Google Account from your phone. Learn more here.
What if I get a new phone after I’ve set up Google 2-Step Verification?
No problem. Follow these instructions.
My Google Authenticator codes aren’t working (Android). What do I do?
This might be because the time on your Google Authenticator app is not synced correctly. To make sure that you have the correct time:
- Go to the main menu on the Google Authenticator app
- Tap More Settings
- Tap Time correction for codes
- Tap Sync Now
On the next screen, the app will confirm that the time has been synced, and you should now be able to use your verification codes to sign in. The sync will only affect the internal time of your Google Authenticator app, and will not change your device’s Date & Time settings.
I’m stuck and I need backup codes! Help!
If you are affiliated with Wake Forest University and none of your 2-Step options are working, you can call the Information Systems Service Desk Monday through Friday, from 8am to 5pm or visit us at The Bridge located on the main floor of the Z. Smith Reynolds Library, and we’ll provide you with a backup code. Please note, you will be required to answer security questions in order for us to provide you with this information.
What do I do if I’ve lost my backup codes, and want to revoke them?
If you lost the print-out of your backup codes, you can revoke them on your settings page. In the Backup codes section click Show codes, then click Get new codes. This will invalidate the previous set of backup codes and generate a new set.
I turned on 2-Step Verification and an app on my phone or computer stopped working. What now?
When you turn on 2-Step Verification, any apps that need access to your WFU Google Account will stop working until you enter an App Password in place of your normal password. Common applications and devices that require an App Password include:
- Old versions of email clients such as Outlook, Apple Mail and Thunderbird
- The email app that comes with your phone (but is not made by Google)
- Some chat, contacts and YouTube clients
Note: If you're running the latest operating system on your iPhone/iPad or Mac computer, you will no longer have to use App passwords to use 2-Step Verification. You do not need to memorize App Passwords because every App Password is only used once. You can generate a new App Password whenever you’re asked for one--even for a device or application you’ve authorized before.
Why does Google ask for verification every time I log in, even though I checked the box to ask every 30 days?
You most likely need to enable cookies in your browser, or your browser is set to automatically clear it's cache on exit.
Was this answer helpful? Yes No
See also What is Google Page Experience Update for Desktop? (2022)
If you have non-Microsoft accounts, such as for Google, Facebook, or GitHub, you can add them to the Microsoft Authenticator app for two-step verification. The Microsoft Authenticator app works with any app that uses two-step verification and any account that supports the Time-based One-time Password (TOTP) standards. Important: Before you can add your account, you have to download and install the Microsoft Authenticator app. If you haven't done that yet, follow the steps in the Download and install the app article.
Generally, for all your personal accounts, you must:
-
Sign in to your account, and then turn on two-step verification using either your device or your computer.
-
Add the account to the Microsoft Authenticator app. You might be asked to scan a QR code as part of this process.
If this is the first time you're setting up the Microsoft Authenticator app, you might receive a prompt asking whether to allow the app to access your camera (iOS) or to allow the app to take pictures and record video (Android). Allow the app to use the camera so that you can take a picture of a QR code in one step. If you don't allow the camera, you can still add the code manually as described in Manually add an account to the app.
In this article, we're providing the process for your Facebook, Google, GitHub, and Amazon accounts, but the process is the same for other apps, such as Instagram and Adobe.
Add your Google account by turning on two-step verification and then adding the account to the app.
-
On your computer, go to the Google account two-step verification page, select Get Started, and then verify your identity.
-
Follow the on-page steps to turn on two-step verification for your personal Google account.
-
On the Google account security page, go to the Add more second steps to verify it's you section, choose the Set up from the Authenticator app section.
-
On the Get codes from the Authenticator app page, select either Android or iPhone based on your phone type, and then select Next.
-
You're given a QR code that you can use to automatically associate your account with the Microsoft Authenticator app. Do not close this window.
-
Open the Microsoft Authenticator app, select Add account from the Customize and control icon in the upper right, and then select Other account (Google, Facebook, etc.).
-
Use your device's camera to scan the QR code from the Set up Authenticator page on your computer.
Note: If your camera isn't working properly, you can enter the QR code and URL manually.
-
Review the Accounts page of the Microsoft Authenticator app on your device, to make sure your account information is right and that there's an associated verification code. For additional security, the verification code changes every 30 seconds preventing someone from using a code multiple times.
-
Select Next on the Set up Authenticator page on your computer, enter the verification code provided in the app for your Google account, and then select Verify.
-
Your account is verified, and you can select Done to close the Set up Authenticator page.
Add your Facebook account by turning on two-step verification and then adding the account to the app.
-
On your computer, open Facebook, select the menu in the top-right corner, and then go to Settings > Security and Login. The Security and Login page appears.
-
Go down to the Use two-factor authentication option in the Two-Factor Authentication section, and then select Edit.
-
The Two-Factor Authentication page appears.
-
Select Turn On.
-
On the Facebook page on your computer, go to the Add a backup section, and then choose Setup from the Authentication app area.
-
You're given a QR code that you can use to automatically associate your account with the Microsoft Authenticator app. Do not close this window.
-
Open the Microsoft Authenticator app, select Add account from the Customize and control icon in the upper right, and then select Other account (Google, Facebook, etc.).
-
Use your device's camera to scan the QR code from the Two factor authentication page on your computer.
Note: If your camera isn't working properly, you can enter the QR code and URL manually.
-
Review the Accounts page of the Microsoft Authenticator app on your device, to make sure your account information is right and that there's an associated verification code. For additional security, the verification code changes every 30 seconds preventing someone from using a code multiple times.
-
Select Next on the Two factor authentication page on your computer, and then type the verification code provided in the app for your Facebook account.
-
Your account is verified, and you can now use the app to verify your account.
Add your GitHub account by turning on two-step verification and then adding the account to the app.
-
On your computer, open GitHub, select your image from top-right corner, and then select Settings.
-
The Two-factor authentication page appears.
-
Select Security from the Personal settings sidebar, and then select Enable two-factor authentication from the Two-factor authentication area.
-
On the Two-factor authentication page on your computer, select Set up using an app.
-
Save your recovery codes so you can get back into your account if you lose access, and then select Next. You can save your codes by downloading them to your device, by printing a hard copy, or by copying them into a password manager tool.
-
On the Two-factor authentication page, select Set up using an app. The page changes to show you a QR code. Do not close this page.
-
Open the Microsoft Authenticator app, select Add account from the Customize and control icon in the upper right, select Other account (Google, Facebook, etc.), and then select enter this text code from the text at the top of the page.
-
The Microsoft Authenticator app is unable to scan the QR code, so you must manually enter the code.
-
Enter an Account name (for example, GitHub) and type the Secret key from Step 4, and then select Finish.
-
On the Two-factor authentication page on your computer, type the verification code provided in the app for your GitHub account, and then select Enable.
-
The Accounts page of the app shows you your account name and a verification code. For additional security, the verification code changes every 30 seconds preventing someone from using a code multiple times.
Add your Amazon account by turning on two-step verification and then adding the account to the app.
-
On your computer, open Amazon, select the Account & Lists menu, and then select Your Account.
-
Select Login & security, sign in to your Amazon account, and then select Edit in the Advanced Security Settings area. The Advanced Security Settings page appears.
-
Select Get Started.
-
Select Authenticator App from the Choose how you'll receive codes page. The page changes to show you a QR code. Do not close this page.
-
Open the Microsoft Authenticator app, select Add account from the Customize and control icon in the upper right, and then select Other account (Google, Facebook, etc.).
-
Use your device's camera to scan the QR code from the Choose how you'll receive codes page on your computer.
Note: If your camera isn't working properly, you can enter the QR code and URL manually.
-
Review the Accounts page of the Microsoft Authenticator app on your device, to make sure your account information is right and that there's an associated verification code. For additional security, the verification code changes every 30 seconds preventing someone from using a code multiple times.
-
On the Choose how you'll receive codes page on your computer, type the verification code provided in the app for your Amazon account, and then select Verify code and continue.
-
Complete the rest of the sign-up process, including adding a backup verification method such as a text message, and then select Send code.
-
On the Add a backup verification method page on your computer, type the verification code provided by your backup verification method for your Amazon account, and then select Verify code and continue.
-
On the Almost done page, decide whether to make your computer a trusted device, and then select Got it.
-
Turn on Two-Step Verification. The Advanced Security Settings page appears, showing your updated two-step verification details.