2-Step Verification

What is 2-step verification?

2-step verification, also called two factor, 2Step, or multi-factor authentication, is an important tool for keeping your online accounts secure. With 2-step verification enabled, logging into an online account becomes a multi-step process. You’ll need BOTH something you know (your username and password) AND access to something you have (ex. your phone) to log into an online account that is secured with 2-step verification.

There are lots of ways that the second step can work:

Receive a one-time code via text, phone call, email, or third party app
Enter a one-time code from a list you have pre-printed
Insert a USB device

How does 2-step verification protect my account?

If your password gets leaked or stolen, bad actors will try to use it to take over control of your account. However, if you have 2-step verification enabled they’ll hit a wall when prompted for 2-step verification because they won’t have access to your other verification methods.

Google 2-step Verification (Required for MHC Accounts)

Like many other colleges, in order to protect both individual accounts and the college network of users, Mount Holyoke College requires that students, faculty, and staff enable 2-step verification on their MHC Google accounts.

Quick Links:

What happens if I don’t turn on Google 2-step verification?

People who fail to enable 2-step verification within 2 weeks of first logging into their MHC Google accounts will temporarily lose access to their accounts. Connect with the Technology Help Desk to regain access.

My bank lets me "remember this computer" so I don't always have to enter a second factor to login. Can I do this with Google 2-step?

You can choose to have your personal computer - in your office, your work laptop, your home computer - remember you so you only have to use the second verification stop occasionally. Public computers, like those in labs and classrooms, will require you to use 2-step verification every time you use them, even if you use that computer regularly. This means you will need to be in the habit of bringing your phone, USB key, or list of codes to class with you in order to access your account.

Do I need a smartphone to use Google 2-step verification?

No. You can choose to use the Google Authenticator app on a smartphone, but you can also choose to receive a code via text message, print out a list of one-time use codes in advance, or get a USB device (Yubikey) from the Technology Help Desk. If you need additional help, please contact the Technology Help Desk.

What if I've forgotten my phone, USB key or codes, and need to log into Moodle on a projection computer in a classroom?

Faculty who need an emergency code to teach can call the Technology Help Desk from any available phone and request a backup code. If the person on the desk doesn't know you, you'll have to provide a number found on your Mount Holyoke ID card in order to receive a backup code. You will have to make the call yourself (we will not provide a student with your code) and you will still need to enter your password (which we do not give over the phone) along with the backup code.

Set up 2-step Verification on Every Account

LITS highly recommends that you set up 2-step verification on all your online accounts. We’ve provided links below to 2-step setup instructions for common accounts.