Boost the protection of your Gmail account with 2-Step Verification
“Click here for file I shared with you on Dropbox/Google Drive.” <click>
You’re presented with a login screen asking for your username and password. The sender was a colleague in your site, so it must be legit, right? Within minutes of typing in your username and password, your Gmail account begins sending out a similar phishing email to thousands more recipients.
When you fall prey to a phishing attempt, the “bad guys” capture your single sign-on username and password, which in turn can provide them access to not only your Google account (Drive, Gmail, Sites, etc.), but other systems as well other systems with highly sensitive data (Workday, Infinite Campus).
PREVENT UNAUTHORIZED ACCESS TO YOUR GOOGLE ACCOUNT
The first obvious approach to protecting your username and password is to avoid phishing attempts. To help bolster security on Google accounts, the IT Division has recently enabled a great feature within our Google system that allows you to set up a process called “2-Step Verification.”
WHAT IS 2-STEP VERIFICATION?
In short, 2-Step Verification prevents “the bad guys” from using your username and password to log into Google. When trying to log into Google on a new computer, a code is sent to your phone via text, voice call, or by using Google’s mobile authentication app. Without access to that 6-digit code, the login attempt will fail, preventing unauthorized access to your Google account.
Check out Google’s informative and easy-to-understand page about 2-Step Verification.
HOW DO I SET IT UP?
Setup is incredibly quick and easy; visit https://accounts.google.com/SmsAuthConfig and Google walks you right through the process. Once you’ve established 2-Step Verification, you can change the phone number associated with your account, enable use of the Google Authenticator app, and add backup options.
PASSWORDS ON IPHONE, MICROSOFT OUTLOOK, MAC MAIL
When accessing your Google account on iPhone/iPad, via Microsoft Outlook, or using Mail on Mac, if you enable 2-Step Verification, you’ll need to generate what is called an “application-specific” password. To do so, visit https://accounts.google.com/SmsAuthConfig and click on the App-specific passwords tab. When you generate an App-specific password, that is the password you’ll use on these other services (instead of your normal DCSD password).
YOUR CREDENTIALS, YOUR ULTIMATE RESPONSIBILITY
We all share a responsibility to protect the privacy of the data within our reach, whether financial, personnel, or student data. No matter what safeguards technology can provide, the human element is always the last line of defense to avoid the pitfalls of data breaches. By enabling 2-Step Verification with your Google account, you’re not only helping to protect data within our district, you are also protecting yourself from being responsible for leaking sensitive information due to your account being compromised.
If you have questions regarding 2-Step Verification, please feel free to join the discussion on our Google+ DCSD IT Community. For technical support with 2-Step Verification, please submit a help desk ticket using the request type of ITS Applications > District Applications > Google Apps > Gmail.