UTMail Two Factor Authentication
UTMail two factor authentication uses Google's native 2-Step Verification. This service works with a phone or tablet and allows users to authenticate via text message, phone call, Google Authenticator code, prompt push, or backup code.
UTMail business account owners are required to sign up for two factor authentication, whereas two factor authentication is optional--although strongly suggested--for personal accounts. You can tell if you have a business or personal account (or both) by logging in at the UTMail Management Portal.
Two-factor authentication (2FA) strengthens access security by requiring two methods (also referred to as factors) to verify your identity. These factors can include something you know - like a username and password, plus something you have - like a smartphone app to approve authentication requests.
2FA helps protect against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials.
Once we begin the mandatory enrollment period, business accounts will have two weeks to enroll in 2-Step Verification. Similarly, newly created business accounts will have two weeks after account creation to enroll a device in 2-Step Verification.
If you have not enrolled in 2-Step Verification, upon login you will be presented with this screen:
Enrollment is completed by following the on-screen instructions at the 2-Step Verification section of your UTMail account. During enrollment, you will first be required set up your phone to receive codes by text message or phone call. If you have already connected your account to your Android or iOS phone, you will be able to enroll with phone prompt/push notifications. After enrollment, you will be able to install and set up Google Authenticator to generate codes for offline use.
If you have a smartphone, we strongly recommend that you use the Google Authenticator app or prompt/push notifications as they are more secure.
I turned on 2-Step Verification and an app on my phone or computer stopped working
When you turn on 2-Step Verification, any apps that need access to your Google Account will stop working until you enter an App Password in place of your normal password.
Common applications and devices that require an App Password include:
- Old versions of email clients such as Outlook, Apple Mail and Thunderbird
- The email app that comes with your phone (but is not made by Google)
- Some chat, contacts and YouTube clients
Note: If you're running the latest operating system on your iPhone/iPad or Mac computer, you will no longer have to use App passwords to use 2-Step Verification.
You do not need to memorize App Passwords because every App Password is only used once. You can generate a new App Password whenever you’re asked for one, even for a device or application you’ve authorized before.
What if my phone was lost or stolen?
It is important to revoke any application passwords and to change your UTMail password.
You can access your account via backup codes or a backup phone that you have added to your account. If you have a new phone with the same number, then you will continue to receive text message or phone calls on your new device. Alternatively, if you have a "trusted" computer, you may be able to manage your account without being prompted for a second factor.
If you get completely locked out, the UT Service desk will be able to help you manage your account. Contact the UT Service Desk at 512-475-9400 or visit them at the walk up desk located in the Flawn Academic Center. Their hours are available here.
What if I do not have a reliable data connection?
The Google Authenticator Application can be downloaded from the Play & App Store for Android and iOS devices. After connecting your account with the Authenticator, codes generated within the app require no data connection.
My Google Authenticator codes aren't working
This might be because the time on your Google Authenticator app is not synced correctly.
To make sure that you have the correct time:
- Go to the main menu on the Google Authenticator app
- Tap More Settings.
- Tap Time correction for codes
- Tap Sync now
On the next screen, the app will confirm that the time has been synced, and you should now be able to use your verification codes to sign in. The sync will only affect the internal time of your Google Authenticator app, and will not change your device’s date and time settings.
App passwords are not working
If you’ve double-checked to make sure you’ve entered the App Password in correctly but it’s still not working, try going to https://g.co/allowaccess on your device’s browser. Enter your username and password, then type the letters on the screen. Then go back to the application you're trying to access and enter your App Password.
I lost my backup codes and I want to revoke them
If you lost the print-out of your backup codes, you can revoke them on your settings page. Click Show codes, then click Get new codes. This will invalidate the previous set of backup codes and generate a new set.
I didn't receive a verification code via text message or phone call
- If you chose to receive codes by text message, make sure your service plan and mobile device supports text message delivery. Delivery speed and availability may vary by location and service provider. Also make sure you’ve got adequate cell signal when you’re trying to receive your codes.
- If you chose to get codes by voice call, note that a voicemail with the verification code will be left on your phone if you’re unable to answer the call.
- If you have a smartphone, we recommend you use the Google Authenticator app.
- You can also switch between receiving your codes by text messages or voice calls - sometimes delivery of one of these services is more reliable than the other.
- Note: If you received multiple verification codes, only the newest one will work. If you requested multiple verification codes, keep in mind that it might take some time for the latest code to arrive.