Protect your NSIX Google account with 2-Step Verification

Due to the increased cyber-attack threats to education establishments, we strongly recommend that schools follow the NCSC (National Cyber Security Centre) guideline and ensure 2-Step Verification is turned on for all staff email accounts.

This functionality is available on all staff Google NSIX accounts and details of how to set this up are below:

With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you’ll sign into your account in two steps using:

Something you know, like your password
Something you have, like your phone

To turn on 2-Step Verification

Open your NSIX Google Account by going to https://myaccount.google.com.
In the navigation panel on the left side, select Security.
Under “Signing into Google,” select 2-Step Verification and then Get started.
Follow the on-screen steps.

If you can’t set up 2-Step Verification on your Google nsix account please contact ICT Solutions service desk on 01603 475603.

Verify it’s you with a second step

After you turn on 2-Step Verification, you’ll need to complete a second step to verify it’s you when you sign in. To help protect your account, Google will request that you complete a specific second step.

Use Google prompts

Google recommend that you sign in with Google prompts. It's easier to tap a prompt than enter a verification code. Prompts can also help protect against SIM swap and other phone number-based hacks.

iPhone/iOS - Google prompts are push notifications you get on iPhones that are signed in to your NSIX Google Account with the Smart Lock app, Gmail app, or Google app.

Android - To use Google prompts on an Android device, you need your Android device to be up to date with its updates. If you sign into another compatible phone with your NSIX account, you automatically get Google prompts on that device, until you sign out.

Google prompts are push notifications you’ll receive on:

Android phones that are signed in to your NSIX Google Account
iPhones with the Smart Lock app, the Gmail app, or Google app signed in to your NSIX Google account

Based on the device and location info in the notification, you can:

Allow the sign in if you requested it by tapping Yes
Block the sign-in if you didn’t request it by tapping No

(For added security, Google may ask you for your PIN or other confirmation (FaceID) when using a mobile device.)

Use other verification methods

You can set up other verification methods in case you:

Want increased protection against phishing
Can’t get Google prompts
Lose your phone

Use Google Authenticator or other verification code apps

Important: Never give your verification codes to anyone.

You can set up Google Authenticator or another app that creates one-time verification codes when you don’t have an internet connection or mobile service.

iPhone/iOS - https://apps.apple.com/us/app/google-authenticator/id388497605

Android - https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en_GB&gl=US

Enter the verification code on the sign-in screen to help verify it’s you.

Use a verification code from a text message or call

Important: Never give your verification codes to anyone.

You can set up 2-Step Verification to send a 6-digit code to a phone number you provide. Codes can be sent in a text message (SMS) or through a voice call, depending on the setting you chose. To verify it’s you, enter the code on the sign-in screen.

Tip: Although any form of 2-Step Verification adds account security, verification codes sent by texts or calls can be vulnerable to phone number-based hacks.

If you require any help or advice on setting up 2-Step Verification, please contact the ICT Solutions Service Desk on 01603 475603 or email ict@norfolk.gov.uk