Resolve 'MFA on Google Workspace' test

  • Updated

How to Fix

  • Enforce multifactor authentication on all your organization's Google accounts.

    1. Log in to the Google admin console.
    2. Click Security | Authentication | 2-step-verification to enforce 2-step verification.
    3. Select Turn on enforcement from date.
    4. Enter a date by which all of your users are required to use multifactor authentication to access their Google accounts. We recommend selecting a date two to four weeks in the future, as employees without multi-factor authentication will be unable to sign in to their accounts once enforcement is in effect. (More information from Google Workspace)

      Screenshot


Common Reasons For Failure

  • Enforcing MFA works by requiring individual users to complete the setup the next time they log in. If a user has not logged out or their SSO Session has remained active, the setup may not have been completed.
    If a user is failing this test, it is recommend they try logging out of their current Google instance. They should be prompted to use MFA when logging back in.
    Further information on managing Google Workspace security settings can be found on the Google Workspace Admin Help page
  • Vanta is only able to identify MFA settings enforced directly in Google Workspace, and is unable to recognise if accounts are accessing Google through a different SAML provider (AKA Okta).