Making two-step verification (2SV) deployment easier

Security Key Enforcement was launched in January 2017 and allows a G Suite Enterprise domain admin to enforce the use of security keys as a two-factor authentication option to protect users against phishing. In addition to security key enforcement, G Suite domain admins also have the options of other 2SV methods such as the Google Authenticator app, text message, or phone call. To make 2SV deployment easier at your domain, we've added two new options in the Admin console:

Admin-led security key enrollment for end-users: Admins can now enroll security keys on behalf of their users. After navigating to the User page from Admin console, click ADD NEW KEY, and you can add a new security using the standard security key enrollment process.

2SV enrollment periods: Currently, whenever a new user is created in an organizational unit where two-step verification (2SV) is enforced, that user has to use 2SV from his or her first login. From administrator feedback, we found that enrollment periods would help onboarding users to 2SV more efficiently.

Going forward, administrators can now specify an enrollment period from the Admin console, during which newly created users can sign in with just their passwords and complete their 2SV setup.
To learn more, check out our updated Set up 2-Step Verification guide in the Help Center.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

2SV enrollment periods are available to all G Suite edition domains
Security key enrollment improvements are available to all G Suite Enterprise edition domains

Rollout pace:
Full rollout (1-3 days for feature visibility)

Admins only

Admin action suggested/FYI

More Information
Help Center

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates