Systems are only as secure as the authentication mechanisms into them. While Google deploys a number of anti-phishing, anti-hijacking, and suspicious login detection technologies, username and password-based authentication remains limited. Usernames are not secret and passwords can be stolen, extracted via social engineering, or cracked via brute force.
What is Multi-Factor Authentication?
In addition to requiring your username and password, which are said to be “something you know”, Multi-Factor Authentication also requires “something you are” (eg. fingerprint or face) or “something you have” (eg. security key or mobile device). This additional requirement increases digital security massively, eliminating close to 100% of automated account attacks.
Multi-Factor Authentication (MFA) is also referred to as 2-factor authentication (2FA) or 2-step verification (2SV) but for consistency and to encompass the multiple methods of authentication we’ll refer to it as Multi-Factor authentication.
What methods of Multi-Factor authentication do we use?
The primary method of MFA you will use will depend on the devices you use.
Google Prompt
For users who are provided with a company laptop and cellphone (including users who receive reimbursement for using their personal cell phone), Google Prompt will be the primary method of MFA. To set up Google Prompt, follow the steps in this article. Once MFA is enabled on your account you can sign in using Google Prompt following these steps:
When you are signing in on a new device/application, enter your company username and password and select next.
You'll see a reminder to check your phone to sign in.
On your iPhone, open the Gmail app. You can also tap the notification.
On the prompt, tap Yes.
Security Key (Titan Key)
For users who only have a company provided laptop, the primary method of MFA will be a security key from Google called a Titan Key. This is a small USB-C key that is required to be connected to your laptop when you sign in to your Google account. Like a house or car key, you should keep this safe and make sure you take it with so that you can access your account.