Turning on 2-Step Verification
Google 2-Factor Authentication (2FA)
San Leandro Unified School District will be rolling out a technology called “2-factor authentication” within Google. You may know it by other names like “2FA”, “two-step verification”, or “multi-factor authentication (MFA)”.
What is 2-factor authentication?
2-factor authentication adds a second layer of protection during the login process. Currently, your Google login is tied to “something you know” (your password). 2-factor authentication adds the second layer of “something you have” (typically your smartphone, a temporary code, or absent that, a USB security key). You most likely already have experience using 2-factor authentication with an online banking account so enabling it within Google hopefully will not be a new experience.
Why do we have to enable 2-factor authentication?
2-factor authentication drastically reduces the chances of having the personal information in your Google account stolen by someone else. Though an extra step to logging in may feel frustrating, it’s less frustrating than dealing with a compromised account. Requiring an additional authentication method for account access is the next big push for districts to be compliant with cybersecurity risks/best practices. Additionally, the District’s insurance company requires that all staff complete cyber security training. Effective with the 2023-2024 school year, cyber security modules will be part of the required Keenan annual trainings.
What’s the timeline for this change?
You will receive an email with instructions when you will need to enable 2-factor authentication (“Google 2-factor Authentication Deadline”). If you do not enable 2-factor authentication by the date listed, you will be locked out of your account and will need to contact IT to regain access. You will be reminded to enable 2-factor authentication during the grace period leading up to the deadline listed in the email. An example notification message will look like this …
If you have a smartphone and you are interested in enabling it now feel free, we encourage it! Directions for enabling 2-factor authentication (or as Google calls it “2-Step Verification”) are below in the section labeled “Steps for enabling 2-factor Authentication.“
What 2-factor authentication method should I use?
There are several methods you can use to complete 2-factor authentication:
- Use a Google Prompt (e.g. the Gmail App) configured and signed in with your district email on your phone (recommended).
- Use an authenticator application such as Google Authenticator. Does not require your district account to be signed in.
- Use a USB key that you plug into your computer. If you are a district employee and choose this method, a USB security key will be provided.
- Use text messaging (the least preferred backup method).
- Print 10 pre-established backup codes.
The Google Prompt method mentioned above is called a “push” authentication, where you will have to acknowledge a pop-up notification from a Google app on your phone. In the event that you do not have your phone, it is important that you setup backup methods for completing 2-factor authentication.
To setup backup methods once 2-factor is enabled,
- Go to https://myaccount.google.com/
- Select “Security” on the left,
- Click the right arrow next to “2-Step Verification”, enter your password
- Follow the prompts in the section labeled “Available second steps”.
Steps for enabling 2-factor Authentication
Google provides an always up-to-date guide here. (https://support.google.com/accounts/answer/185839)
- In a web browser, visit your Google settings page located here: https://myaccount.google.com and select “Security” on the left.
- In the center of the page scroll down to the section labeled “How you sign in to Google”, Click on 2-Step Verification.
- Select the “GET STARTED” button, you will then be prompted to enter in your San Leandro Unified School Distirct Google password.
- Google will default to using text messages. If you do not want to use this option please Select “Show more options”
*Recommended option is Google Prompt - Follow the directions on your screen.
How do I change my 2FA sign in options
- Go to https://myaccount.google.com/ and select “Security” on the left.
- In the center of the page scroll down to the section labeled “How you sign in to Google”
- Click on the option you are trying to change
- Please note the “You can add more sign-in options sections. In this section, it will allow you to sign up with Authenticator, Print out Backup codes, etc
What if I do not want to use my phone number for texting
You do not need to your text messaging option. Google will default to using text messages. If you do not want to use this option please Select “Show more options”
You can sign up for the following
- Use a Google Prompt If you are already checking your district mail on your phone (recommended).
- Use an authenticator application such as Google Authenticator. Does not require your district account to be signed in.
- Use a USB key that you plug into your computer. If you are a district employee and choose this method, a USB security key will be provided.
What if I don’t have my phone with me?
If you will be somewhere without your mobile device or USB key, you can use backup codes for 2-Step Verification.
*note please do not store these codes in your district email or Google Drive, as you will not be able to log into your account to get these codes.
To learn how, please read Sign in with backup codes on Google’s support site.
Please note:
- Once you use a backup code to sign in, that code becomes inactive.
- You can generate a new set of 10 backup codes whenever you want, using the instructions above.
- When you generate a new set of codes, the old set automatically becomes inactive
What are my support options when setting up 2-factor authentication?
- Email support@slusd.us which will automatically submit a ticket to our helpdesk
- Call the helpdesk line 510-667-6210