2-Step Verification adds an extra layer of security to your users' managed Google accounts by requiring them to enter a verification code in addition to their username and password when signing in to their account.


2-Step Verification helps protect a user's account from unauthorized access should someone manage to obtain their password. Even if a password is cracked, guessed, or otherwise stolen, an attacker can't sign in without access to the user's additional verification. This verification can be in the form of codes which only the user can obtain via their own mobile phone.


2-Step Verification screenshot


Enable 2- Step Verification for your domain.

  1. In your Google Admin console (at admin.google.com)...

  2. Click Security > Basic settings.
  3. Under 2-Step Verification, check Allow users to turn on 2-step verification.

This makes 2-Step Verification available for your users, but does not automatically enroll them. To enroll, users need to configure their verification settings individually as below:

  1. Go to the 2-Step Verification section of your Google Account.
  2. Select Get started.
  3. Follow the steps on the screen.


Once all users have enrolled in 2-Step Verification, you can enforce its use following the instructions in Enforcement.


Enforce 2- Step Verification for your domain.

  1. In your Google Admin console (at admin.google.com)...

  2. Click Security >Advanced security 
  3. Select Authentication
  4. Select the Option to Turn on enforcement  depending on your requirements.
  5. Save your changes.