How to set up 2-step verification for Google and Gmail on your iPhone, iPad, and Mac

Google 2fa Ipad Pro Hero
Google 2fa Ipad Pro Hero (Image credit: Christine Romero-Chan / iMore)

Not sure if two-factor authentication is important? Reports of millions of Google accounts being compromised should convince you. Do it. Do it now.

When it comes to data you want to be secured, your email accounts are probably close to the top of the list. Though email is technically an unencrypted medium, the average hacker might not go to too much trouble to grab a single message — but they'd love a peek at your history full of password resets, not to mention getting potential access to your bank accounts or other private information.

Strong passwords can help, but to be as secure as possible, you want to enable two-step authentication.

What is two-step authentication?

Two-step authentication is the most prevalent way to secure your accounts: It asks you to authenticate that you are who you say you are by supplying not only your password but a unique code supplied from your phone or an external app. It ensures that those accessing your accounts have access to your physical devices as well as your virtual passwords. It makes a simple password crack or social engineering hack a lot more insufficient for actually accessing your personal data.

How to set up your Google account with two-step authentication

Google was one of the first companies to offer two-step authentication for its user accounts; the company even created an option for third parties who want to offer two-step support for its services called Google Authenticator. Companies like Facebook, Tumblr, and Dropbox all use Google's service, as does Google itself.

As such, Google's experience with two-step authentication makes it a remarkably simple process to set up. Here's what you need to do.

  1. Visit Google's 2-Step Verification page and click on Get Started.

Set up Google account 2-factor authentication by showing steps: Tap Get Started on the main Google 2FA page (Image credit: iMore)
  1. Enter your Google email and password (or just your password, if you're already logged in to Google).
  2. Click the Get Started button.

Set up Google account 2-factor authentication by showing steps: On the Google account 2FA screen, click Get Started (Image credit: iMore)
  1. Add a phone number that Google can send the six-digit verification code to. (For semi-obvious reasons, this shouldn't be your Google Voice number: If you use that phone number, you might end up locked out of your account.)
  2. Click Send.

Set up Google account 2-factor authentication by showing steps: Input your phone number, then click Send (Image credit: iMore)
  1. Verify your phone number by entering in the six-digit code Google sent you.
  2. Click Next

Set up Google account 2-factor authentication by showing steps: input your six digit verification code from the text, and then click Next (Image credit: iMore)
  1. You may be asked to choose whether or not to add your current computer as a trusted device — select Yes if this is your own personal device, or choose No if it's a shared device.
  2. Confirm that you wish to turn on two-step verification by clicking Turn On.

Set up Google account 2-factor authentication by showing steps: Click Turn On to activate Google 2FA (Image credit: iMore)

And you're set! Google will now send your phone a six-digit code for any app that uses Google's web interface to authenticate your account.

How to use Google Authenticator

If you don't want codes sent via text message, you can also enable Google Authenticator; this allows you to receive a randomly-generated code from programs like Authy or 1Password or Google's own authenticator.

You can use Google Authenticator for a slew of different services in addition to your Google Account; you just need to make sure they have code generation turned on. Each service has a slightly different way of enabling this, but in general, you should find it under the Security section of your preferences.

Here's the setup screen for your Google accounts:

  1. Under your account's security preferences, click Authenticator App.
  2. Select whether you are using Android or iPhone.
  3. Click Next.

Google Account Authenticator Qr Code Setup (Image credit: iMore)
  1. Scan the QR code from your authenticator app. In this example, we use Authy.
  2. Give the account a name.
  3. Now, every time you want to verify with 2FA, input the six digit verification code that shows up on the app. These codes expire after 30 seconds.

Show how to add an account in Authy app for verification codes (Image credit: iMore)

Any questions?

Do you have any questions about how to add 2-step verification to your Google accounts? Put them in the comments, and we'll help you out.

Updated June 2020: Updated with the latest steps for setting up 2FA on your Google account.

Christine Chan

Christine Romero-Chan was formerly a Senior Editor for iMore. She has been writing about technology, specifically Apple, for over a decade at a variety of websites. She is currently part of the Digital Trends team, and has been using Apple’s smartphone since the original iPhone back in 2007. While her main speciality is the iPhone, she also covers Apple Watch, iPad, and Mac when needed.

When she isn’t writing about Apple, Christine can often be found at Disneyland in Anaheim, California, as she is a passholder and obsessed with all things Disney, especially Star Wars. Christine also enjoys coffee, food, photography, mechanical keyboards, and spending as much time with her new daughter as possible.