PROTECT YOUR KW GOOGLE ACCOUNT with 2-FACTOR AUTHENTICATION

​2-Factor authentication prevents anyone from getting into your Google account even if they have your password (such as submitting it in phishing login page). When 2-factor authentication is enabled, you will sign into your Google/KW account like normal with your full email address and password. However, an additional step will be added. You will receive a text message with a temporary 6-digit number that must be entered in addition to your password. This means anyone logging into your Google account must have your phone where the code is delivered! This is the second factor. Without the code, no one can get into your account (even you!).

---

There are a few things to understand about using 2-factor authentication...

1. 2-Factor authentication is NOT an excuse to use a weak, easy-to-remember password. You should still use a complex password with lowercase, uppercase, numbers, and symbols with a minimum of 16 characters.
2. You will not always have to provide a 2-factor code every time you log into Google. Devices you've logged into before can be selected as "trusted", so a 2-factor login will not need to be repeated after the first time on trusted devices.
3. If a device or software doesn't support 2-factor authentication (such as older versions of Microsoft Outlook) you will need to generate an "app-specific password" (not explained here).
4. 2-Factor is a serious, high-security option. If you lose access to your phone where your codes are texted to you, will lose access to your account unless you have prepared for this situation.
5. Google will provide you with 10 backup codes that can be used to log into your account if you lose access to your phone (explained in STEP 3 on this page). You must download and/or print these codes ASAP (BEFORE you lose your phone) and KEEP THEM SAFE!
6. If you lose all access to your 2-factor codes (via texts to your phone or your backup codes), you will have to contact KWRI to unlock your KW Google account. For free Gmail accounts (or other services that offer 2-factor), you may or may not be able to contact the company, and a long process of verification of your identity will take place (Google quotes a 3 to 5 day process).

---

STEP 1     Locate Your Google Account's 2-Factor Authentication Settings
​You'll first need to go into your Google account's 2-factor authentication settings.

INSTRUCTIONS

1. From any Google Apps page (Mail pictured below), click your your photo/initials in the circle in the upper-right corner of the page.
2. Click My Account.
3. On the next page, click Signing in to Google under the Sign-in & Security section.
4. On the next page, click 2-Step Verification.
   NOTE: To the right of this setting, it should say OFF if you have not yet set up 2-factor authentication.

---

STEP 2     Enable 2-Factor Authentication via Text Message
Next, you'll need to provide Google with your cell phone number where authentication codes will be texted to you.

INSTRUCTIONS

1. After you've clicked the 2-Step Verification link mentioned above, click Get Started.
2. Enter your current KW Email/Google password.
3. Enter your phone number (with area code), make sure Text Message is selected for How do you want to get codes?, then click Try It.
4. You'll receive a text message at the number you provided that says Your Google verification code is XXXXXX, enter the 6-digit number into the page, then click Next.
5. You'll receive a confirmation if the code was entered correctly, then click Turn On.

2-Factor authentication is now enabled for your Google account, but you're not finished yet!

---

STEP 3     Save Your Backup Codes     EXTREMELY IMPORTANT!
In the event that you lose access to your phone and/or text messages, you'll need to keep backup codes safe & readily available for you to use. Backup codes can be used in place of a code that would have been texted to you.

INSTRUCTIONS

1. After turning on 2-factor, you'll return to a screen with some additional options. Click Setup under Backup Codes.
2. You'll be presented with a Save Your Backup Codes screen, with 10 8-digit codes.
3. Click Download, and save the text file to a location on your computer that gets backed-up, and can be accessed from your other devices (such as a cloud storage folder like Dropbox).
   NOTE: Do not save this file to your Google Drive folder. If you are completely locked out of your Google account, your backup codes will be inaccessible to you in your Google Drive.
4. You may click Print to print your backup codes as well, but you should only do this IN ADDITION to downloading them, and keeping them backed up and available to your other secured devices.

Notes About Backup Codes...

1. Each backup code can only be used ONCE. Once it is used, delete or cross it off your list. It cannot be used again.
2. Keep your backup codes secured, and do not share them! If someone knows your password, and has access to your backup codes, they can get into your Google account! If you can access your backup codes from your phone, make sure it is password/fingerprint protected as well.
   NOTE: I have shared mine here because I generated new codes after taking the screenshot which invalidates previous codes.
3. If you are close to running out of codes (or even use just one), or someone gains access to your backup codes, return to this page in your Google account settings, and click Get New Codes to generate 10 new, different codes. Any previously generated codes will no longer work. Make sure to download them again, and get rid of any remaining files with your old codes.
4. Keep your backup codes stored in location on your computer that backed up, and is available from your other devices. A cloud storage service (such as Dropbox) works well for this, but make sure your cloud storage service is protected by 2-factor authentication as well!

---

​STEP 4     Enable Easy 2-Factor with the Google App     OPTIONAL
You can make the 2-factor sign-in process a little easier with this optional feature. You can use the the Google mobile app (for iOS here, built-in for Android phones) to verify your login with a tap rather than entering a 6-digit code. The app will send a notification to you after you enter your password, and you tap to verify that it's you attempting the login. This method will take priority over text message codes (but all methods (including backup codes) will still be available to you).

INSTRUCTIONS

1. For iPhone/iPad users, download the Google app here. (Android phones already have this feature built-in.)
2. Sign into the app with the Google/KW email account on which you've set up 2-factor authentication.
   NOTE: You will be signing in using a 2-factor code texted to you now that you've enabled the feature.
3. Back to your computer, on the 2-Step Verification screen, click Add Phone under Google Prompt.
4. Click Get Started.
5. If Google sees that you're already signed into this account on an Android phone or in the iOS Google App, you'll see the name of your phone, and you can click Next. Otherwise...
6. Make sure you're signed into your Google account on your Android phone or iOS Google app, click the downward-pointing phone next to the kind of phone you have (Android or iPhone), and click Click Here to Try Again. Google will check again to see if you're signed into an Android phone or the iOS Google app.
7. Once you confirm the name of the phone where sign-in notifications will be sent, click Next.
8. A Try It screen will appear, and you'll receive a notification (not a text message) from Google on your phone. Tap the notification (or open the Google app if you miss the notification).
9. The app will ask you Trying to Sign In? Tap Yes.
10. Back on your computer, the Google 2-factor page will say It Worked!, and this would sign you into your Google account instead of receiving a texted code.

Once this method is enabled, it will take priority over texted codes. You can sign into your other devices with the Google app installed in order to authenticate from them as well. You can still receive codes via text message by clicking Try Another Way to Sign In after you enter your password on a Google sign-in page.

---

Logging in with 2-Factor Authentication
If you've enabled all 3 methods above (text message codes, Google app confirmation, and backup codes), you'll have all 3 methods available for you to log in with. The default (primary) method will be tap-to-confirm using the Google app if you've enabled it. Your secondary option will be text message codes. If you lose access to those methods, you may also choose to use one of your ten backup codes. Finally, if all other methods fail you will have to contact Google (or KWRI) for an identity verification process that can take up to 5 days.

INSTRUCTIONS

1. Enter your email address & password as normal, and click Sign In.
2. After you click sign-in, your second factor will arrive automatically (either a text message or a notification from the Google app).
3. You can confirm your sign-in or enter your code at this point to complete your sign-in, OR you can click Try Another Way to Sign In.
4. On the next screen, you can choose any of the 3 ways to enter your second factor (Google app confirmation, text message code, or backup code). You also have the option to contact Google (or KWRI) if all other methods have failed.

---

Other Sites That Support 2-Factor Authentication
It's HIGHLY recommended that you use 2-factor authentication wherever it's supported. The more accounts it's enabled on, the more impenetrable your security on the internet becomes. Here are just a few major websites/services that support 2-factor with links that take you to instructions for enabling it...

Facebook
Amazon
Dropbox
Microsoft
Twitter
LinkedIn
your bank (very likely)
...and more!