Account Security

Set Up 2-Step Verification

A short guide to protecting your Karatina University Google account with a second sign-in check, on top of your password.

Back to Email Retrieval

You have 2 weeks after first signing in to your email account to set up 2-Step Verification. After this period, accounts without 2-Step Verification enabled will be locked until it is completed. Please follow the steps below now to avoid losing access to your account.

Why this matters: your university email gives access to official communication. A password alone can be guessed, reused, or leaked. 2-Step Verification means that even if someone gets your password, they still can't get into your account without your phone.

1Add your account to the Gmail app

If you haven't used your university email on your phone yet, add it to the Gmail app first — this is separate from just signing in on a website, and lets you receive mail, notifications, and switch between accounts easily.

On an Android phone
  1. Open the Gmail app. If it isn't installed, get it free from the Play Store first.
  2. Tap your profile photo or circle icon in the top-right corner.
  3. Tap Add another account.
  4. Choose Google from the list of account types.
  5. Tap Or use your email if asked, then type in your full university email address (the one you retrieved) and tap Next.
  6. Enter your password (your registration number in capital letters, without the "/") and tap Next again.
  7. Review and accept Google's terms if prompted. Gmail will then sync your account and it will appear in the account switcher, ready to use.

Tip: if you have other Gmail accounts on the same phone, you can switch between them at any time by tapping your profile photo and selecting the account you want.

2Sign in to your account

On your phone or computer, open a browser and go to myaccount.google.com, then sign in with your university email address and current password (the one generated from your registration number).

On an Android phone

If you already added the account in Step 1 and want to manage it from the Gmail app instead of a browser:

  1. Open the Gmail app.
  2. Tap your profile photo or initial in the top-right corner.
  3. Tap Manage your Google Account.
  4. Swipe to or tap the Security and sign-in tab.

3Open the Security and sign-in tab

On the left-hand menu (or the tab bar on mobile), tap Security and sign-in. Scroll to the section titled "How you sign in to Google" and tap 2-Step Verification.

4Start setup

Tap Get Started. You may be asked to re-enter your password to confirm it's really you.

5Choose how you'll verify

Google will ask you to pick a verification method. Any of these work well:

Google prompt

If you have the Gmail or Google app installed, you'll get a "Yes/No" tap prompt on your phone each time you sign in. Fastest option.

Text message or call

Enter your phone number. Google sends a 6-digit code by SMS (or calls you) each time you need to verify.

Authenticator app

Use Google Authenticator or a similar app to generate codes even without phone signal — useful in areas with poor network coverage.

Backup codes

A set of one-time codes you can print or save, for when you don't have your phone at all. Highly recommended as a backup to whichever method you choose above.

Follow the on-screen steps for your chosen method, then tap Turn On to finish enabling 2-Step Verification.

6Save your backup codes

Before you close the page, go back into 2-Step Verification and tap Backup codes. Download or write down these codes and keep them somewhere safe (not on the same phone you use for sign-in). If you ever lose access to your phone or number, these codes are how you get back into your account.

What changes after this: when you sign in from a new device or browser, Google will ask for your usual password and a second check (a tap, code, or backup code). On devices you use regularly and trust, you can tell Google to remember that device so you aren't asked every single time.

Common questions

Use one of the backup codes you saved during setup at the sign-in screen instead of a phone prompt or SMS code. If you didn't save any backup codes and no longer have your phone, contact the ICT Helpdesk for identity verification and account recovery.

Sign in to myaccount.google.com, go to Security > 2-Step Verification, and update your phone number under your verification methods before your old line is disconnected, if possible. If you're already locked out, use a backup code first, then update your number.

No. On devices and browsers you use often, you can mark them as trusted so you're only asked occasionally. New or unfamiliar devices will always require the second check — that's what protects your account if someone else has your password.

No. Google prompts and authenticator app codes work with little to no data. SMS codes may attract your network provider's normal SMS charges depending on your plan.

Still need help?

Reach out to the ICT Department and we'll walk you through it.

support@karu.ac.ke
RCH Building, 2nd Floor, 8:00 AM – 5:00 PM