What is Google 2-step verification?

2-step verification adds an extra layer of security to your Colby Apps Account by requiring a second piece of information—a numeric code—as well as your username and password when you sign in. The code changes at regular intervals, so you must have a way to obtain it in order to log in to the account. By requiring this code, the account cannot be accessed by an intruder that has obtained your password.

How do I set up 2-step verification for my account?

Activating and configuring 2-step verification is easy to do, but it can take some time (up to 30 minutes) to complete. The process can involve several steps depending on the way you access your e-mail and whether or not you use a mobile device like a smartphone.

First, review the following items involved with activating and setting up 2-step verification:

  1. Activation: requires a telephone number or mobile/SMS number to have codes sent to
  2. Backup Codes: alternate telephone numbers and print out a wallet-sized backup code list in the event that your primary number is not available or you do not have your phone with you
  3. Application-Specific Passwords: required if you have an e-mail client (Outlook, Mac Mail, Thunderbird, etc.), a tablet (iPad, etc.), smartphone (iPhone, Android) or any other application that accesses your Colby Apps account. These applications will use specific codes that you can add and remove from the 2-step settings page
  4. Mobile Authenticator (optional): recommended if you have an Android, iPhone/iPod/iPad. You can install the Google Authenticator app to generate codes on your local device instead of receiving a call or SMS message.

When you’re ready to begin activation, visit Google’s 2-step website and click ‘Get Started.’

If you’re already set up with two-step authentication, the following information may prove useful as you begin using it.


Logging in to Colby Apps with 2-step verification

Sign in to Colby Apps as you normally would, using your Colby e-mail address and password.  You’ll then be asked to enter the verification code which you received from Google, either by a phone call, text message or the Google Authenticator app (if you have a smartphone). Enter this code, and click “verify” to log in to your account.

If you are signing in from the computer you use for daily work, you can elect to ‘remember the computer’ so that you will not be prompted for a code for 30 days.

Screen-Shot-2013-09-11-at-11-57-22-AM

Depending on your primary method of receiving 2-step codes, you will see alternatives such as ‘Didn’t receive the text message?’ (in the example above) or ‘Don’t have your phone?’—click on these options if you need to use a backup code or a phone call to an alternate phone number.

Common Tasks in Google 2-step

Once Google 2-step is active on your account, you may need to configure certain parts of it, such as application-specific passwords or the Google Authenticator app for a smartphone.

  • Log in to webmail.colby.edu
  • Click on Settings (upper right menu under your account name) and Accounts
  • Click Security in the list on the left-hand side
  • Under the 2-step verification section, click Manage your application specific passwords
  • Under Personal Settings > Security, click on Review permissions
    • You may be prompted to enter your password after this step
  • Review the Application-specific passwords section—here you can see what application-specific passwords are in use and revoke them as well as generate new application-specific passwords:Screen-Shot-2013-09-17-at-1-43-27-PM
  • To create a new application-specific password, simply give the password a name and click Generate password
  • You will now see the new password:
    Screen-Shot-2013-09-17-at-1-46-59-PM
  • Enter this new password into the password field of the service or application you are setting up (like Outlook or Thunderbird). Make sure to check any Remember password option in the application so that you only need to enter this once.
  • Take notice of the new password being added to your application-password list, shown at the bottom of the picture above. If a password is no longer needed, make sure to revoke it—the last used date is helpful in determining if one is not in recent use.

Configuring Google Authenticator (2-step mobile code application for Android, Apple iOS and Blackberry)

  • Log in to webmail.colby.edu
  • Click on Settings (upper right menu under your account name) and Accounts
  • Click Security in the list on the left-hand side
  • Next to the 2-step Verification section, click Edit
    • You may be prompted to enter your password after this step
  • You will be at the main settings page for 2-step verification. Near the top of the page, under How to receive codes you should see your Mobile Application options
    • If you are setting up a new mobile phone, you can proceed to set up Google Authenticator
    • If you need to configure a new or different phone for Google Authenticator, click the Move to a different phone and follow the steps.