Skip to end of metadata
Go to start of metadata

2 Factor authentication is an extra layer of security that requires, in addition to your regular username and password, a separate piece of information that only you can access.  This can be a code received on your mobile device or a unique piece of hardware.  This limits the effectiveness of simple password hacks and social engineering exploits.


Enabling 2 Factor Authentication 

Considerations

Before you begin, you'll need to decide how you'd like to receive your two-factor code.  Your options are as follows:

  1. Use the Google App on your Clarkson smartphone, personal smartphone or tablet (install from your App Store before proceeding)
  2. Text message on your Clarkson cell phone or personal cell phone
  3. Voice call on land-line phone
  4. USB-based hardware key (department funded - please contact the HelpDesk for additional information)

Setup Instructions

  • Navigate to Google's main 2 Factor authentication page (https://www.google.com/landing/2step/) and Click on the "Get Started" Button.
    • If prompted, select the account you wish to protect with 2 factor authentication.  Otherwise, click on the "Sign In" button and follow the prompts to sign into your account.  In some instances, you may have to do both.
  • If you have not associated a phone number with your account, you will be prompted to do so.  (Fig 2)
    • Enter your phone number, and select how you would like to receive your codes, and click NEXT
      • If you choose NOT to use a mobile device, you will not be able to use text message verification in this or later steps of this guide.
      • If you choose to use a LANDLINE, that is the only device you will be able to use to authenticate you account in the future.
    • Depending on your choices above, you will receive a verification code as a text or voicemail.  Enter that code into the box labeled "Enter the code", on the page that opens. (Fig 2)
    • On the new page that opens, click "Turn On". (Fig 2)

      Fig 2

    • 2 Factor Authentication is now enabled on your account with the default settings enabled and you will begin receiving codes through voice or text messages when you are required to authenticate your login.

Authentication Methods

The method you used to authenticate your account during the setup steps outlined aove are the default settings for your account.  After enabling Two Factor Authentication you can setup additional authentication options, selectable from the 2-Step Verification page, shown here:

Google Authenticator Moble App

If you don't want to rely on text messages to authenticate your account, you can install the Google Authenticator App to receive codes. 

Install the App

    • Visit the Apple App store or Google Play
    • Search for Google Authenticator
    • Download and install the application

Setup the App

    • On your computer, go to the 2-Step Verification settings page and click on Android or iPhone.  Login to your Clarkson.edu account if prompted.  Click on the big blue "Get Started" button.
       
    • On your mobile device, open the Google Authenticator application.
    • If this is the first time you have used Authenticator, select Begin. If you are adding a new account, choose Set up account from the app's menu.  You may need to click through a bried tutorial on the application before you can procede.
    • To link your mobile device to your account:
      • Using QR code: Select Scan a barcode. If the Authenticator app cannot locate a barcode scanner app on your mobile device, you might be prompted to download and install one. If you want to install a barcode scanner app so you can complete the setup process, select Install, then go through the installation process. Once the app is installed, reopen Google Authenticator, then point your camera at the QR code on your computer screen.
      • Using secret key: Select Enter provided key, then enter the email address of your Google Account in the "Enter account name" box. Next, enter the secret key on your computer screen in the "Enter your key" box. Make sure you've chosen to make the key Time based, then select Add.
    • To test that the application is working, enter the verification code on your mobile device into the box on your computer next to Code, then click "Verify."
    • If your code is correct, you will see a confirmation message. Click "Save" to continue the setup process. 

Backup Codes 

In the event that Google asks you to authenticate your login and you do not have access to your choosen authentication method, you will need backup codes.  Please follow these steps to print out your unique backup codes.

    • Login to your Clarkson Google account and navigate to the "Sign-in & Security" page: https://myaccount.google.com/security
    • On the left hand navigation pane, click on "Signing Into Google".  This will take you to the "Signing Into Google" section of the webpage. (Fig 3)
    • Click on the arrow next to your enabled "2-Step Verification" section.  (Fig 3)

Fig 3

    • On the "2-Step Verification" page that open, click on "Setup" in the "Backup Codes" section.  (Fig 4)
    • On the page that opens, click on "Print" to obtain your codes to store in a safe place. (Please note, this document contains sample codes only.)  (Fig 4)

Fig 4

USB Security Key

You can elect to sign in with a USB Security Key, a small USB device that connects to your computer. This allows you add the security of 2-Step Verification to your account without the need to re-type codes from your phone. You simply insert the USB Security Key when prompted.  

Considerations

A Security Key is a good idea if:

  1. You don't mind carrying it with you. A Security Key is small enough to fit on your keychain or in your wallet.
  2. You use the Chrome browser on your computer. Security Keys don't work on other browsers, like Safari.
  3. (iPhone users only) You don't plan to use your Google Account on your iPhone's Mail, Calendar, or Contact apps.  Security Key doesn't work with apps that come on your iPhone, but you can use Google apps instead.

Get a Security Key

You can buy a Security Key online: http://a.co/eKwrI1N  Please contact your supervisor if necessary.

Add a Security Key to your Google Account

    • Go to the 2-Step Verification page section of My Account.
    • Click Add security key.
    • Follow the on-screen instructions.
      • Make sure the USB Security Device is NOT connected to your computer, cliack NEXT
      • Insert your USB Security Device and click NEXT when it bacomes available.
      • Enter a name for your device, and click DONE


Note: If your Security Key doesn't have a button, you'll need to remove and reinsert it every time you need to use it.

Authentication for External Applications 

In some cases, after setting up two-factor authentication for your Google account, you may have trouble logging into programs that use Google for authentication.  If this occurs, one thing to try is setting up an "Application Password" for that app.  Please follow Google's documentation for doing this, located here: https://support.google.com/accounts/answer/185833?hl=en

Generate Application Specific Password

      • Visit your App passwords page. You may be asked to sign in to your Google Account.
      • At the bottom, click Select app and choose the app you’re using.

      • Click Select device and choose the device you’re using.

      • Select Generate.

      • Follow the instructions to enter the App password (the 16 character code in the yellow bar) on your device.

      • Select Done.

Once you are finished, you won’t see that App password code again. However, you will see a list of apps and devices you’ve created App passwords for.

Note: You may not be able to create an App password for less secure apps. Learn more about allowing less secure apps.