This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ Log in to ask a question

2FA via Google Admin/Trusting Device

MattDPenn
Contributor II

‎08-11-2023 09:17 AM

Was wondering if there's a way of setting things up in the admin console so that it prompts a person to use their 2FA key (yubikey currently) once a day for chromebooks/boxes? Was poking around in the authentication center and the only way I see to not force them to use the key every time they log into the chrome device is to trust the device. Granted I haven't checked whether chrome devices actually respect trusting devices yet.

0 Kudos
Reply
1 REPLY 1

Kim_Nilsson
Admin Moderator

‎08-12-2023 03:03 PM

I've set up the Google Session Control, to 20 hours, to force a proper login once a day, and disallow Trust device.

For Chromebooks you also have to disable the Show Profile on Login setting, or it will not force 2FA.

--
https://wheretofind.me/@NoSubstitute
0 Kudos
Reply
  • © 2023 Google. All rights reserved.
  • Privacy Policy
  • Terms of Service
  • Community Guidelines