Setting up Google MFA (Multi-Factor Authentication, also called 2FA)


In late 2021 Google is going to enable, and enforce, MFA on all accounts: https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/
Google's article on the enrollment process is here: https://support.google.com/accounts/answer/10956730

By default, if you have ever logged in with the Google app (on Android or iOS), Google will make that app prompt your default second factor (and it is not an industry-standard method). For initial setup that's fine, but the problem comes when (not if) you lose your mobile device and have to set it up again; that's when things can go wrong.

If you don't have a backup way to get back into your account you can get locked out permanently (because Google doesn't have a support number to call, especially for free @gmail.com accounts).

Google Workspace/G Suite/Google Apps or corporate accounts: Google currently says here: https://blog.google/technology/safety-security/a-simpler-and-safer-future-without-passwords/
that "NOTE: The automatic 2SV enrollment will not impact organizations on Google Workspace. Organizations on Google Workspace will continue to have the choice of enrolling their users in 2SV via the admin console." But I'm sure that policy will change at some point in the future, especially for administrators.

Summary: All possible options


Pre-Setup To-do

Uniquely name your mobile device (we'll be using this later)
  1. iOS: Settings | General | About | Make it something unique like "Name Phone type year purchased", e.g. "John iPhone 12 Pro 2021"
  2. Android: Settings | About | Device Name | Make it something unique like "Name Phone type year purchased", e.g. "John Pixel 4 XL 2021"

1. Get into settings

From a computer, go to gmail.com. Then


2. Check and Update Account recovery information

Note: the recovery phone and email listed here are a way into your account. If the recovery email is an old, insecure account (like AOL or Mindspring) and attackers get into it, they can use it to get into your Google account!
Make sure it is accurate. Add current info, remove old info.


3. Set up 2-Step Verification with SMS


If you've never installed the Google app on your mobile device you won't see anything under "These devices can get prompts".

Add phone number


Turn on Google Account 2FA


4. Get Backup Codes

Used in case of emergency. NOTE: each code can only be used once! If you use them, get more before you run out.

Save the codes somewhere safe (password manager notes, print to paper, etc.)



5. Set up Authenticator App (TOTP)


Capture text info just in case
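The "text info" Google shows beside the QR code is the base32 TOTP secret; it is all an authenticator app stores, which is why keeping a copy lets you re-enroll a new phone without being locked out. As an added example (not from Google or this guide), the Python below generates and verifies codes from a key typed the way Google displays it (lowercase, grouped in fours); the secret is the constructed RFC 4226/6238 test key, not a real account key:

```python
import base64
import hashlib
import hmac
import struct
import time

# Constructed test secret: the RFC 4226 / RFC 6238 reference key
# "12345678901234567890", shown the way Google displays a manual-entry
# key: base32, lowercase, grouped in fours.
TEST_SECRET_B32 = base64.b32encode(b"12345678901234567890").decode()
TEST_SECRET_DISPLAYED = " ".join(
    TEST_SECRET_B32.lower()[i:i + 4] for i in range(0, len(TEST_SECRET_B32), 4)
)


def decode_manual_key(displayed: str) -> bytes:
    """Turn the key as shown on screen (spaces, any case, possibly no
    '=' padding) into the raw HMAC key the authenticator app stores."""
    compact = displayed.replace(" ", "").upper()
    compact += "=" * (-len(compact) % 8)  # base32 pads to 8-char groups
    return base64.b32decode(compact)


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, then
    dynamic truncation to `digits` decimal digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(displayed_key: str, unix_time: int, step: int = 30) -> str:
    """RFC 6238 TOTP with Google Authenticator's defaults: SHA-1, 6 digits, 30 s."""
    return hotp(decode_manual_key(displayed_key), unix_time // step)


def verify(displayed_key: str, code: str, unix_time: int, window: int = 1) -> bool:
    """Accept the code for the current step or up to `window` neighbouring
    steps; this is how a verifier tolerates clock drift between phone and server."""
    return any(
        hmac.compare_digest(totp(displayed_key, unix_time + k * 30), code)
        for k in range(-window, window + 1)
    )


if __name__ == "__main__":
    print("manual-entry key:", TEST_SECRET_DISPLAYED)
    print("code at T=59:", totp(TEST_SECRET_DISPLAYED, 59))
    print("code now:", totp(TEST_SECRET_DISPLAYED, int(time.time())))
```

Re-entering the saved key into a new phone reproduces exactly the same codes, so the key deserves the same protection as the backup codes.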

Then


Optional for the security conscious: Remove SMS 2FA option


then