Two-Factor Authentication Instructions
What is two-factor authentication?
Why are we implementing two-factor authentication?
How often will I need to use two-factor authentication?
What’s the timeline for this change?
What two-factor authentication method should I use?
Steps for enabling Two-factor Authentication
What are my support options when setting up two-factor authentication?
What is two-factor authentication?
Two-factor authentication adds a second layer of protection during the login process. Currently your Google login is tied to “something you know” (your password). Two-factor authentication adds the second layer of “something you have” (typically your smartphone and absent that, a USB security key). You most likely already have experience using two-factor authentication with an online banking account so enabling it within Google hopefully will not be a new experience.
Why are we implementing two-factor authentication?
Times are changing and hackers are finding new and creative ways to acquire user passwords; they can buy lists of usernames and passwords on the dark web, they can use social engineering and email phishing tactics to steal passwords, they can use something called “dictionary attacks” as a brute force method to guess weak passwords. Adding a second form of verification dramatically decreases the likelihood of your password being compromised.
How often will I need to use two-factor authentication?
Once you authenticate and complete two-factor authentication on your phone or computer you will have the option to “remember this device”. From that point on Google will not prompt you to perform two-factor authentication on that device unless you clear your browser’s cache, log out of your device, change your password, or if Google suspects that your account has been breached.
⏰ What’s the timeline for this change?⏰
January 31st at noon is the date/time by which you will need to enable two-factor authentication. If you do not enable two-factor authentication by the date listed you will be locked out of your account and you will need to create a help desk ticket at it.willowcreek.org to regain access. You will be reminded to enable two-factor authentication throughout the month of January up until the 31st.
What two-factor authentication method should I use?
There are a couple different methods you can use to complete two-factor authentication. They are….
Use a Google application configured on your phone (recommended)
Use text messaging (the preferred backup method)
If you do not own a smartphone, use a USB key that you plug into your computer
Receive a voice call at a different telephone number (ex: your Willow extension)
Print 10 pre-established backup codes
The Google application method mentioned above is called a “push” authentication. With push authentication there will be an alert that appears on your phone and you’ll just need to acknowledge the two-factor request. On an iPhone we suggest you use the Gmail app or the Google Search app On an Android device you just need to be logged into email with your Willow email address. It is important that you setup backup methods for completing two-factor authentication in the event that you do not have your phone. To setup backup methods once two-factor is enabled, go to https://myaccount.google.com/ and select “Security” on the left, click the right arrow next to “2-Step Verification”, enter your password, then follow the prompts in the section labeled “Available second steps”.
? Steps for enabling Two-factor Authentication ?
1. If you have an iPhone make sure that you have either the Gmail app or the Google Search app installed and that you are logged into the app using your Willow email address. Either app can act as your second form of authentication as you try to log into Google. Here is a screenshot of both apps, they are available for free in the App Store. If you have an Android device you just need to make sure that the GMail app is configured for your Willow email account.
2. In a web browser visit your Google settings page located here https://myaccount.google.com and select “Security” on the left.
3. In the center of the page scroll down to the section labeled “Ways we can verify it’s you” and make sure you have a recovery phone entered, if not add it now.
4. Also located on the “Security” page go to the section labeled “Signing in to Google” and click the right arrow next to “2-Step Verification”.
5. Select the “GET STARTED” button, you will then be prompted to enter in your Willow password.
6. It should show that your phone is already known to Google, select the “NEXT” button.
7. You will then be asked to configure a backup method to complete two-factor authentication. Select the “Text message” option and click “SEND” You will receive a text message from Google with a code, enter that code and click “NEXT”
8. Lastly, confirm that you want to enable 2-Step Verification by pressing the “TURN ON” button.
It will then take you to the 2-Step Verification page. Here you can review your settings and optionally configure alternate methods to complete two-factor authentication.
What are my support options when setting up two-factor authentication?
Submit a ticket at: https://it.willowcreek.org/.
When creating a ticket, select “Google Workspace” -> “Two-Factor Authentication”
OR
Partner with a Willow Staff member within your ministry to ask for assistance. WIllow Staff have already done this process, so they should be familiar with how to assist you.