Two-step authentication adds extra security by requiring two forms of identification when your users sign into their accounts. This means that as well as an email address and password, users will need a unique passcode generated by an authenticator app to login to their account.
Before you start
Before you enable two-step authentication here are some useful things you should know first.
Users will always need their mobile device to generate a passcode. If they lose or damage their device, they must contact an account administrator to reset or turn off two-step authentication.
Enable two-step authentication
Navigate to the Users list within the Admin section.
Click Edit against the user you wish to enable two-step authentication for.
Click the two-step authentication tab and tick the enabled checkbox.
Click Update to save the changes.
Configure authentication device
When the user next signs in they will be required to configure two-step authentication.
Open your authenticator app.
Add a new account and scan the QR barcode with the app.
Enter the current 6-digit code provided by the authenticator app.
Please see the documentation for your specific authenticator app for more details.
Now that you have set up two-step authentication you will now want to sign in using this.
My phone won't recognise the QR barcode?
If your phone does not scan the barcode try moving your phone further away from the screen. Certain devices work better further away than you would think, in particular Google Android devices.