Cybersecurity month tip #2: Using 2 factor authentication

Your password can be exposed through a number of methods like phishing, a compromised computer or website, a rogue WiFI setup or a breached service. Fortunately we have a system available that can prevent anyone from accessing your Williams google account even if they know your password.

Two-factor authentication (also referred to as two-step or multi-factor authentication or verification or 2FA) is basically just a way to ‘double lock’ your account.

Instead of just having one level of security of ‘something you know’, like your username & password, it also requires ‘something you have’ that’s unique to only you, like your cell phone. Together these 2 things prove that the person attempting to log onto your account is really you. This way even if someone gets your password somehow they still can’t access your account since they don’t have your cell phone as well.

To sign up for Two-factor authentication (called 2 Step Verification by Google) on your Williams e-mail account visit here . Once you have this enabled, whenever you want to login to your account from a new location you’ll need to provide an additional code. You can get this code a number of different ways including;

  • an app on your mobile device
  • a USB Security key
  • a text message
  • a phone call
  • a printed list of codes

Given the spotty nature of cell service in our area, and for anyone traveling internationally, we highly recommend you install the app &/or print out “Backup” Codes and keep them in your wallet.

Google also recently added an even easier way to authenticate, it’s called 2-Step Verification phone prompts login a window pops up on your smartphone asking “Trying to sign in?”. Just click YES and you’re in.


App Specific Passwords Since you access your Google account from some applications on your mobile device or computer that cannot access your 2 step verification code, Google has a feature that creates unique App Specific Passwords for these applications. This feature will create a unique 16 character for each application you need access from. Once you enter this password you can forget it since you’ll never have to worry about again. You can cancel & revoke these passwords without having to modify your real password. This is especially handy for applications on your phone or other mobile device that might get lost or stolen, just revoke those passwords and no one can get to your mail, calendar etc from that device. For more information about this visit

Other sites that use 2 Factor Authentication

Now that your William’s account is nicely secured, what about all the rest of your accounts on the internet? You’re in luck, many other popular websites like Twitter, Facebook, Tumblr, PayPal and LinkedIn allow you to enable 2 Factor Authentication. In addition your bank & credit card providers probably offer this as well. See for a fairly comprehensive list of sites that offer this type of service.

For more information about 2 Factor authentication visit

Thanks for assisting us with both your personal and the college’s online security.

This message was sent to Students, Faculty, and Staff on October 25, 2016 by Seth Rogers, Ofc for Information Technology.