What is it?
Put simply, 2-step gives your account an added layer of security by combining a password you know with a one time use, random set of characters sent to a device in your possession. Learn more here.
Why do we require it?
We require 2-step verification for all users with elevated admin rights in order to keep the entire organization safe. A user with elevated rights could delete other user accounts/data, or change critical configuration settings. We must use every tool within reason to protect these accounts. Find more info here.
*We recommend all users enable 2-step but do not require it for users that do not have administrative rights.
How do you set it up?
Configuring 2-step is easy. You can go here to read more about it and click "Get started" to begin setup, or you can watch this video (only need the first minute until FIDO key arrives) to walk you through the setup process.
All G Suite admins will receive a hardware key for 2-step verification once they have completed training. Though the use of your phone for 2-step is still allowed, we recommend using the hardware key as much as possible as it adds an extra layer of security to your login by preventing phishing attacks through the use of clone sites or false login prompts. As an added bonus there is no limit to the number of accounts you can link to your FIDO U2F key and we highly recommend connecting it to whatever accounts support it in both your personal and professional life.
You can read up on FIDO U2F keys here
Security keys will go out via courier to all admin users after training. Please open a helpdesk ticket requesting a key with your full name and courier code and be on the lookout for a package containing a key like the one you see to the left. Keys are only available for admin users.