Two-Factor Authentication

At KRC it will become mandatory for all staff and volunteers who have a email account to adopt two-factor phone authentication. Each person must set it up on their own - please review the steps below. If you need help, please ask Ilsoo Noh.

Why is this needed

A lot of sensitive data is accessible with KRC's email account. Without two-factor authentication, all that is needed to access a KRC email account is the correct password, and given the current security practices, passwords can be liable for leaking. With two-factor authentication, the intruder needs to have both the password and the person's phone at hand. This reduces the number of security breaches by over 99%.

You don't have to authenticate with your phone every time. You will only need to authenticate:

  1. The first time you are using your computer
  2. Every 30 days from the first login
  3. Each time you move to a different geographic location (eg from Los Angeles to Washington DC)

How to Set Up Two-Factor Authentication

  1. Login to KRC gmail
  2. Click the gear icon on the top right
  3. In "Accounts" tab, click "Google Account settings"
  4. In "Sign-in & security" box, click "Signing in to Google"
  5. Click "2-Step Verification"
  6. Click Get Started, enter password again
  7. Enter your cell phone number -> Next
  8. Receive the number you received via text message (Your Google verification code is xxxx) -> Next
  9. Click "Turn On"
  10. Optional: You can also add office phone numbers to be ready for when you lose your cell phone, etc

If using Outlook or some other program using POP3

Follow these instructions to generate an application-specific password