How to setup TOTP for Google/GMail

1. Locating the 2FA settings in Google/GMail

First, after having logged into your Gmail account, go to 'Manage your Google Account' (option below your profile icon, on the top right corner).

When you have found it, tap or click on Get Started to open the Security page.

Open the 2-Step Verification dropdown to have access to further configuration.

Or if you already had a Two Factor Authentication installed (such as your mobile phone number), you will see it here. Go to the '2-Step Verification settings' link.

You will be presented with a list of options for setting up a 2FA. Scroll down until you find the section called 'Authenticator App', and tap or click Set Up.

It may be that during this process, Google takes the opportunity to ask a few irrelevant questions to capture a bit more data about you 😮... Well, you have to tell them what you have to tell them...

2. Enabling Google/GMail's 2FA

When the time comes 😅, you will be presented with a QR Code to scan with your mobile device.This is a 2FA QR code issued by your online provider, for establishing the 2FA connection. It will be used only once.

Scan this QR Code with the 2FA scan in the Authenly app.

As soon as you scan it with Authenly, it will install a secure 2FA on your mobile device, and Authenly will be able to generate TOTP codes on demand.

3. Your Google/GMail is secured

Google will then check that the secure activation worked well, and will ask you to provide a code.

Tap on the newly created 2FA entry in Authenly to access the code for Google, and enter the code.

After having scanned the QR Code and entered the TOTP code when asked, you should get a confirmation from Google, either visually or by email, that the 2FA is now activated.

As you have experienced, installing a 2FA protection for a specific vendor account on your mobile device is quite a simple task to perform. We have built a list of 2FA installation guides for most major web applications, so that you can add safely and quickly an additional layer of security to your online account, and thereby also to your online identity.

4. Backup

Bear in mind that it is very important to keep a safe backup of your 2FA. Authenly is using a unique un-hackable offline secret to backup your 2FA-TOTP. This is a lot more secure than writing your 8 or 12 backup passcodes on paper or in a file accessible on your computer and/or on the cloud. It is also a lot more secure than letting your 2FA authentication app provider do the backup for you in their cloud (when they get hacked - not if... - your 2FA protection is rendered totally useless). Therefore, just make sure that you backup your 2FA-TOTP with Authenly as an offline secret, and be safe that you will not suffer any account lock-out and that you can restore at any time this 2FA onto any mobile device with your Authenly identity.

Need to understand and setup TOTP?

This short animated video will give you a good understanding of what is a Timed One-Time Password (or TOTP).


Frequently Asked Questions

Have questions? We’ve got answers. If you can’t find what you are looking for, feel free to get in touch.