Gmail users, here’s how (and why) you should set up prompt-based 2FA

Last week, Google rolled out two-factor authentication prompts to its updated Gmail app, all in the hopes that more people using Google products will use two-factor authentication to protect their accounts, and that users will choose prompt-based authentication over less secure methods, like SMS codes.

Why turn on two-step verification (also known as two-factor authentication, or 2FA)? Because a password, even a strong one (which you aren’t using anywhere else, are you?), isn’t enough to keep your account secure.

If the service you’re using offers 2FA, you should enable it — it’s another layer of protection on your account that stops someone who can steal or guess your password from getting access.

The beauty of what the Gmail app offers is that it makes two-step authentication easier to use.

Instead of waiting for an email or SMS to appear on your phone, or setting up an authentication code on a third-party code generator, and then typing in the code you receive or generate, it takes just one touch to authenticate.

In this case, you simply open the Gmail app, which will ask if it’s you trying to sign in on a new device. You just hit a button to confirm that yes, it’s actually you trying to sign in to your account on that computer.

Ease of use is important because, for all the security benefits that 2FA brings, Gmail users just haven’t been using it.

The prompt-based approach to 2FA is something many organizations, including Google, have been pushing for a few years, as the SMS-based 2FA method can be vulnerable to fraud. It is better than nothing, but push-based methods—like the Google prompt—are more secure, and easier to use.

If this is something you’ve held off on doing, here’s how to get the prompt-based 2FA set up on your Google account. (Note that the setup is slightly different for Android and iOS users.)

Android users: Google Play Services delivers the prompt on your phone, so make sure your version is updated for this feature to work.
iOS users: The Google prompt works on the iPhone 5s and higher via the Google app and now the Gmail app as well.

First, you’ll need to navigate to the two-step authentication setting on your Google account on a computer (for Android or iOS users), or via the settings within your Google app (for iOS users). To find the 2FA setting from either a computer or the app, go to the settings of your Google profile, and select “signing in to Google” from under the Sign-in and Security area.

The screenshots below are from iOS on an iPhone 7, but it’s very similar when going through this process on a computer.

In the “signing in to Google” section, click the “two-step verification” option and hit the “try it now” prompt.

You’ll now see what the prompt looks like:

If it was you trying to sign in, hit “Yes.”

You’re not done yet though! The app will ask you to confirm that you want to turn this feature on, so tap “turn it on.”

Now you should be ready to go with the prompts on your Google account, and the 2-step verification screen will show you that Google prompts are enabled, along with any other prior 2FA methods you may have enabled (like the Authenticator app, SMS or physical keys).

If you have notifications enabled for the Google app, the next time you (or anyone else!) try to sign in to your Google account on a new device, you’ll be pinged to open the app and verify that it’s you. If you don’t have notifications enabled, you’ll need to open the Google app yourself to verify the login.